From null at suse.de Fri May 1 08:30:06 2026
From: null at suse.de (SLE-UPDATES)
Date: Fri, 01 May 2026 08:30:06 -0000
Subject: SUSE-SU-2026:1667-1: low: Security update for python-Pygments
Message-ID: <177762420631.405.3513769983019711258@9f1e1d6b19fe>

# Security update for python-Pygments

Announcement ID: SUSE-SU-2026:1667-1
Release Date: 2026-04-30T17:22:44Z
Rating: low

References:
* bsc#1260796

Cross-References:
* CVE-2026-4539

CVSS scores:
* CVE-2026-4539 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-4539 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4539 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products:
* Basesystem Module 15-SP7
* openSUSE Leap 15.3
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for python-Pygments fixes the following issues:

* CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead to archetype lexer ReDoS (bsc#1260796).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2026-1667=1
* Basesystem Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1667=1

## Package List:

* openSUSE Leap 15.3 (noarch)
  * python3-Pygments-2.6.1-150300.4.6.1
* Basesystem Module 15-SP7 (noarch)
  * python3-Pygments-2.6.1-150300.4.6.1

## References:

* https://www.suse.com/security/cve/CVE-2026-4539.html
* https://bugzilla.suse.com/show_bug.cgi?id=1260796

From null at suse.de Fri May 1 08:30:09 2026
From: null at suse.de (SLE-UPDATES)
Date: Fri, 01 May 2026 08:30:09 -0000
Subject: SUSE-SU-2026:1666-1: low: Security update for python-Pygments
Message-ID: <177762420960.405.5433156364610276965@9f1e1d6b19fe>

# Security update for python-Pygments

Announcement ID: SUSE-SU-2026:1666-1
Release Date: 2026-04-30T17:22:22Z
Rating: low

References:
* bsc#1260796

Cross-References:
* CVE-2026-4539

CVSS scores:
* CVE-2026-4539 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-4539 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4539 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Affected Products:
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.
## Description:

This update for python-Pygments fixes the following issues:

* CVE-2026-4539: inefficient regex for GUID and ID pattern matching can lead to archetype lexer ReDoS (bsc#1260796).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Public Cloud Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-1666=1
* Python 3 Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-1666=1
* openSUSE Leap 15.4
  zypper in -t patch SUSE-2026-1666=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2026-1666=1

## Package List:

* Public Cloud Module 15-SP4 (noarch)
  * python311-Pygments-2.15.1-150400.7.10.1
* Python 3 Module 15-SP7 (noarch)
  * python311-Pygments-2.15.1-150400.7.10.1
* openSUSE Leap 15.4 (noarch)
  * python311-Pygments-2.15.1-150400.7.10.1
* openSUSE Leap 15.6 (noarch)
  * python311-Pygments-2.15.1-150400.7.10.1

## References:

* https://www.suse.com/security/cve/CVE-2026-4539.html
* https://bugzilla.suse.com/show_bug.cgi?id=1260796
From null at suse.de Fri May 1 16:30:36 2026
From: null at suse.de (SLE-UPDATES)
Date: Fri, 01 May 2026 16:30:36 -0000
Subject: SUSE-SU-2026:1668-1: important: Security update for the Linux Kernel
Message-ID: <177765303618.432.2644152277612383459@9f1e1d6b19fe>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:1668-1
Release Date: 2026-05-01T08:37:57Z
Rating: important

References:
* bsc#1220186
* bsc#1228031
* bsc#1246057
* bsc#1249522
* bsc#1257221
* bsc#1257773
* bsc#1258280
* bsc#1259770
* bsc#1259797
* bsc#1259865
* bsc#1259870
* bsc#1259889
* bsc#1259997
* bsc#1260009
* bsc#1260489
* bsc#1260536
* bsc#1260551
* bsc#1260730
* bsc#1260799

Cross-References:
* CVE-2024-26584
* CVE-2025-38234
* CVE-2025-39759
* CVE-2025-71268
* CVE-2025-71269
* CVE-2026-22990
* CVE-2026-23103
* CVE-2026-23120
* CVE-2026-23243
* CVE-2026-23262
* CVE-2026-23272
* CVE-2026-23277
* CVE-2026-23318
* CVE-2026-23362
* CVE-2026-23382
* CVE-2026-23386
* CVE-2026-23398

CVSS scores:
* CVE-2024-26584 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26584 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38234 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38234 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38234 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-39759 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N
* CVE-2025-39759 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39759 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71268 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-71268 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-71269 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-71269 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-22990 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-22990 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-22990 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-22990 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23103 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23103 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23103 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23103 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23120 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23120 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23262 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23262 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2026-23272 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23272 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23272 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23277 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23277 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23318 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23362 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23362 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23382 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23382 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23382 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23386 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23386 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23386 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23398 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23398 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23398 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 17 vulnerabilities and has two security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues.

The following security issues were fixed:

* CVE-2024-26584: net/tls: return ENOTSUPP on tls_init() (bsc#1220186).
* CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
* CVE-2025-39759: btrfs: qgroup: fix race between quota disable and quota rescan ioctl (bsc#1249522).
* CVE-2025-71268: btrfs: fix reservation leak in some error paths when inserting inline extent (bsc#1259865).
* CVE-2025-71269: btrfs: do not free data reservation in fallback from inline due to -ENOSPC (bsc#1259889).
* CVE-2026-22990: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (bsc#1257221).
* CVE-2026-23103: ipvlan: Make the addrs_lock be per port (bsc#1257773).
* CVE-2026-23120: l2tp: avoid one data-race in l2tp_tunnel_del_work() (bsc#1258280).
* CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259797).
* CVE-2026-23262: gve: Fix stats report corruption on queue count change (bsc#1259870).
* CVE-2026-23272: netfilter: nf_tables: unconditionally bump set-nelems before insertion (bsc#1260009).
* CVE-2026-23277: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit (bsc#1259997).
* CVE-2026-23318: ALSA: usb-audio: Use correct version for UAC3 header validation (bsc#1260536).
* CVE-2026-23362: can: bcm: fix locking for bcm_op runtime updates (bsc#1260489).
* CVE-2026-23382: HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them (bsc#1260551).
* CVE-2026-23386: gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL (bsc#1260799).
* CVE-2026-23398: icmp: fix NULL pointer dereference in icmp_tag_validation() (bsc#1260730).

The following non security issues were fixed:

* btrfs: fix processing of delayed data refs during backref walking (bsc#1228031).
* fs: skip superblock shrink on frozen xfs filesystems (bsc#1259770).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-1668=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1668=1
* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-1668=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * gfs2-kmp-default-debuginfo-4.12.14-122.299.1
  * kernel-default-base-4.12.14-122.299.1
  * dlm-kmp-default-debuginfo-4.12.14-122.299.1
  * kernel-default-devel-4.12.14-122.299.1
  * ocfs2-kmp-default-debuginfo-4.12.14-122.299.1
  * kernel-default-base-debuginfo-4.12.14-122.299.1
  * kernel-default-debugsource-4.12.14-122.299.1
  * kernel-syms-4.12.14-122.299.1
  * cluster-md-kmp-default-debuginfo-4.12.14-122.299.1
  * cluster-md-kmp-default-4.12.14-122.299.1
  * ocfs2-kmp-default-4.12.14-122.299.1
  * gfs2-kmp-default-4.12.14-122.299.1
  * kernel-default-debuginfo-4.12.14-122.299.1
  * dlm-kmp-default-4.12.14-122.299.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc)
  * kernel-default-4.12.14-122.299.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
  * kernel-source-4.12.14-122.299.1
  * kernel-macros-4.12.14-122.299.1
  * kernel-devel-4.12.14-122.299.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (s390x)
  * kernel-default-man-4.12.14-122.299.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64)
  * kernel-default-devel-debuginfo-4.12.14-122.299.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * gfs2-kmp-default-debuginfo-4.12.14-122.299.1
  * kernel-default-base-4.12.14-122.299.1
  * dlm-kmp-default-debuginfo-4.12.14-122.299.1
  * kernel-default-devel-4.12.14-122.299.1
  * kernel-default-devel-debuginfo-4.12.14-122.299.1
  * ocfs2-kmp-default-debuginfo-4.12.14-122.299.1
  * kernel-default-base-debuginfo-4.12.14-122.299.1
  * kernel-default-debugsource-4.12.14-122.299.1
  * kernel-syms-4.12.14-122.299.1
  * cluster-md-kmp-default-debuginfo-4.12.14-122.299.1
  * cluster-md-kmp-default-4.12.14-122.299.1
  * ocfs2-kmp-default-4.12.14-122.299.1
  * gfs2-kmp-default-4.12.14-122.299.1
  * kernel-default-debuginfo-4.12.14-122.299.1
  * dlm-kmp-default-4.12.14-122.299.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64)
  * kernel-default-4.12.14-122.299.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
  * kernel-source-4.12.14-122.299.1
  * kernel-macros-4.12.14-122.299.1
  * kernel-devel-4.12.14-122.299.1
* SUSE Linux Enterprise Live Patching 12-SP5 (nosrc)
  * kernel-default-4.12.14-122.299.1
* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kernel-default-kgraft-devel-4.12.14-122.299.1
  * kgraft-patch-4_12_14-122_299-default-1-8.3.1
  * kernel-default-debugsource-4.12.14-122.299.1
  * kernel-default-kgraft-4.12.14-122.299.1
  * kernel-default-debuginfo-4.12.14-122.299.1

## References:

* https://www.suse.com/security/cve/CVE-2024-26584.html
* https://www.suse.com/security/cve/CVE-2025-38234.html
* https://www.suse.com/security/cve/CVE-2025-39759.html
* https://www.suse.com/security/cve/CVE-2025-71268.html
* https://www.suse.com/security/cve/CVE-2025-71269.html
* https://www.suse.com/security/cve/CVE-2026-22990.html
* https://www.suse.com/security/cve/CVE-2026-23103.html
* https://www.suse.com/security/cve/CVE-2026-23120.html
* https://www.suse.com/security/cve/CVE-2026-23243.html
* https://www.suse.com/security/cve/CVE-2026-23262.html
* https://www.suse.com/security/cve/CVE-2026-23272.html
* https://www.suse.com/security/cve/CVE-2026-23277.html
* https://www.suse.com/security/cve/CVE-2026-23318.html
* https://www.suse.com/security/cve/CVE-2026-23362.html
* https://www.suse.com/security/cve/CVE-2026-23382.html
* https://www.suse.com/security/cve/CVE-2026-23386.html
* https://www.suse.com/security/cve/CVE-2026-23398.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220186
* https://bugzilla.suse.com/show_bug.cgi?id=1228031
* https://bugzilla.suse.com/show_bug.cgi?id=1246057
* https://bugzilla.suse.com/show_bug.cgi?id=1249522
* https://bugzilla.suse.com/show_bug.cgi?id=1257221
* https://bugzilla.suse.com/show_bug.cgi?id=1257773
* https://bugzilla.suse.com/show_bug.cgi?id=1258280
* https://bugzilla.suse.com/show_bug.cgi?id=1259770
* https://bugzilla.suse.com/show_bug.cgi?id=1259797
* https://bugzilla.suse.com/show_bug.cgi?id=1259865
* https://bugzilla.suse.com/show_bug.cgi?id=1259870
* https://bugzilla.suse.com/show_bug.cgi?id=1259889
* https://bugzilla.suse.com/show_bug.cgi?id=1259997
* https://bugzilla.suse.com/show_bug.cgi?id=1260009
* https://bugzilla.suse.com/show_bug.cgi?id=1260489
* https://bugzilla.suse.com/show_bug.cgi?id=1260536
* https://bugzilla.suse.com/show_bug.cgi?id=1260551
* https://bugzilla.suse.com/show_bug.cgi?id=1260730
* https://bugzilla.suse.com/show_bug.cgi?id=1260799

From null at suse.de Mon May 4 08:33:16 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:33:16 -0000
Subject: SUSE-SU-2026:21465-1: important: Security update for the Linux Kernel
Message-ID: <177788359664.1375.7216624420742882558@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:21465-1
Release Date: 2026-05-01T23:16:53Z
Rating: important

References:
* bsc#1262573

Cross-References:
* CVE-2026-31431

CVSS scores:
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* SUSE Linux Micro 6.1
* SUSE Linux Micro Extras 6.1

An update that solves one vulnerability can now be installed.
## Description:

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix one security issue.

The following security issue was fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro Extras 6.1
  zypper in -t patch SUSE-SLE-Micro-Extras-6.1-kernel-368=1

## Package List:

* SUSE Linux Micro Extras 6.1 (nosrc)
  * kernel-64kb-6.4.0-42.1
* SUSE Linux Micro Extras 6.1 (aarch64)
  * kernel-64kb-debugsource-6.4.0-42.1
  * kernel-64kb-devel-6.4.0-42.1
* SUSE Linux Micro Extras 6.1 (aarch64 ppc64le s390x x86_64)
  * kernel-obs-build-debugsource-6.4.0-42.1
  * kernel-obs-build-6.4.0-42.1
  * kernel-syms-6.4.0-42.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262573
From null at suse.de Mon May 4 08:33:20 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:33:20 -0000
Subject: SUSE-SU-2026:21464-1: moderate: Security update for vim
Message-ID: <177788360045.1375.13523672446303886549@dde0e951fc7e>

# Security update for vim

Announcement ID: SUSE-SU-2026:21464-1
Release Date: 2026-04-29T11:29:57Z
Rating: moderate

References:
* bsc#1261833

Cross-References:
* CVE-2026-39881

CVSS scores:
* CVE-2026-39881 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39881 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
* CVE-2026-39881 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N
* CVE-2026-39881 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:
* SUSE Linux Micro 6.1
* SUSE Linux Micro Extras 6.1

An update that solves one vulnerability can now be installed.

## Description:

This update for vim fixes the following issue:

Update to version 9.2.0398.

Security issues fixed:

* CVE-2026-39881: missing sanitization in `defineAnnoType` and `specialKeys` can lead to arbitrary Ex command injection via a malicious NetBeans server (bsc#1261833).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro Extras 6.1
  zypper in -t patch SUSE-SLE-Micro-Extras-6.1-515=1

## Package List:

* SUSE Linux Micro Extras 6.1 (aarch64 ppc64le s390x x86_64)
  * vim-debugsource-9.2.0398-slfo.1.1_1.1
  * vim-debuginfo-9.2.0398-slfo.1.1_1.1
  * vim-9.2.0398-slfo.1.1_1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-39881.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261833
From null at suse.de Mon May 4 08:33:29 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:33:29 -0000
Subject: SUSE-SU-2026:21463-1: important: Security update for the Linux Kernel
Message-ID: <177788360916.1375.6486554074807541625@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:21463-1
Release Date: 2026-05-02T07:27:55Z
Rating: important

References:
* bsc#1262573

Cross-References:
* CVE-2026-31431

CVSS scores:
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* SUSE Linux Micro 6.2

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues.

The following security issues were fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  zypper in -t patch SUSE-SL-Micro-6.2-666=1

## Package List:

* SUSE Linux Micro 6.2 (aarch64 ppc64le x86_64)
  * kernel-default-base-6.12.0-160000.29.1.160000.2.9
* SUSE Linux Micro 6.2 (noarch)
  * kernel-devel-6.12.0-160000.29.1
  * kernel-macros-6.12.0-160000.29.1
  * kernel-source-6.12.0-160000.29.1
* SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64 nosrc)
  * kernel-default-6.12.0-160000.29.1
* SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64)
  * kernel-default-devel-6.12.0-160000.29.1
  * kernel-default-extra-debuginfo-6.12.0-160000.29.1
  * kernel-default-extra-6.12.0-160000.29.1
  * kernel-default-debuginfo-6.12.0-160000.29.1
  * kernel-default-debugsource-6.12.0-160000.29.1
* SUSE Linux Micro 6.2 (x86_64)
  * kernel-rt-livepatch-6.12.0-160000.29.1
  * kernel-default-devel-debuginfo-6.12.0-160000.29.1
  * kernel-rt-devel-debuginfo-6.12.0-160000.29.1
* SUSE Linux Micro 6.2 (ppc64le s390x x86_64)
  * kernel-default-livepatch-6.12.0-160000.29.1
* SUSE Linux Micro 6.2 (aarch64 nosrc x86_64)
  * kernel-rt-6.12.0-160000.29.1
* SUSE Linux Micro 6.2 (aarch64 x86_64)
  * kernel-rt-debugsource-6.12.0-160000.29.1
  * kernel-rt-debuginfo-6.12.0-160000.29.1
  * kernel-rt-devel-6.12.0-160000.29.1
* SUSE Linux Micro 6.2 (aarch64 nosrc)
  * kernel-64kb-6.12.0-160000.29.1
* SUSE Linux Micro 6.2 (aarch64)
  * kernel-64kb-debugsource-6.12.0-160000.29.1
  * kernel-64kb-debuginfo-6.12.0-160000.29.1
  * kernel-64kb-devel-6.12.0-160000.29.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262573
From null at suse.de Mon May 4 08:33:30 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:33:30 -0000
Subject: SUSE-RU-2026:21462-1: important: Recommended update for the initial kernel livepatch
Message-ID: <177788361095.1375.688131700589351899@dde0e951fc7e>

# Recommended update for the initial kernel livepatch

Announcement ID: SUSE-RU-2026:21462-1
Release Date: 2026-05-02T07:26:35Z
Rating: important

References:

Affected Products:
* SUSE Linux Micro 6.2

An update that can now be installed.

## Description:

This update contains initial livepatches for the SUSE Linux Enterprise Server 16.0 and SUSE Linux Micro 6.2 kernel update.

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  zypper in -t patch SUSE-SL-Micro-6.2-667=1

## Package List:

* SUSE Linux Micro 6.2 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE16_Update_8-debugsource-1-160000.1.1
  * kernel-livepatch-6_12_0-160000_29-default-debuginfo-1-160000.1.1
  * kernel-livepatch-6_12_0-160000_29-default-1-160000.1.1
* SUSE Linux Micro 6.2 (x86_64)
  * kernel-livepatch-SLE16-RT_Update_8-debugsource-1-160000.1.1
  * kernel-livepatch-6_12_0-160000_29-rt-1-160000.1.1
  * kernel-livepatch-6_12_0-160000_29-rt-debuginfo-1-160000.1.1
From null at suse.de Mon May 4 08:33:35 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:33:35 -0000
Subject: SUSE-SU-2026:21461-1: moderate: Security update for helm
Message-ID: <177788361593.1375.11103990534406185335@dde0e951fc7e>

# Security update for helm

Announcement ID: SUSE-SU-2026:21461-1
Release Date: 2026-04-30T13:26:15Z
Rating: moderate

References:
* bsc#1248093
* bsc#1261938

Cross-References:
* CVE-2025-55199
* CVE-2026-35206

CVSS scores:
* CVE-2025-55199 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-55199 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-55199 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-35206 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-35206 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
* CVE-2026-35206 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-35206 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Affected Products:
* SUSE Linux Micro 6.2

An update that solves two vulnerabilities can now be installed.

## Description:

This update for helm fixes the following issues:

Update to version 3.20.2.

Security issues fixed:

* CVE-2025-55199: specially crafted JSON Schema can lead to out of memory (OOM) termination (bsc#1248093).
* CVE-2026-35206: specially crafted Chart will have contents extracted to immediate output directory rather than to expected output directory suffixed by the Chart's name (bsc#1261938).
Other updates and bugfixes:

* Version 3.20.1:
  * chore(deps): bump the k8s-io group with 7 updates a2369ca (dependabot[bot])
  * add image index test 90e1056 (Pedro T?rres)
  * fix pulling charts from OCI indices 911f2e9 (Pedro T?rres)
  * Remove refactorring changes from coalesce_test.go 76dad33 (Evans Mungai)
  * Fix import 45c12f7 (Evans Mungai)
  * Update pkg/chart/common/util/coalesce_test.go 26c6f19 (Evans Mungai)
  * Fix lint warning 09f5129 (Evans Mungai)
  * Preserve nil values in chart already 417deb2 (Evans Mungai)
  * fix(values): preserve nil values when chart default is empty map 5417bfa (Evans Mungai)
* Version 3.20.0:
  * SDK: bump k8s API versions to v0.35.0
  * v3 backport: Fixed a bug where helm uninstall with --keep-history did not suspend previous deployed releases #12564
  * v3 backport: Bump Go version to v1.25
  * bump version to v3.20
  * chore(deps): bump golang.org/x/text from 0.32.0 to 0.33.0
  * chore(deps): bump golang.org/x/term from 0.38.0 to 0.39.0
  * chore(deps): bump github.com/foxcpp/go-mockdns from 1.1.0 to 1.2.0
  * chore(deps): bump the k8s-io group with 7 updates
  * [dev-v3] Replace deprecated `NewSimpleClientset`
  * [dev-v3] Bump Go v1.25, `golangci-lint` v2
  * chore(deps): bump github.com/BurntSushi/toml from 1.5.0 to 1.6.0
  * chore(deps): bump github.com/containerd/containerd from 1.7.29 to 1.7.30
  * fix(rollback): `errors.Is` instead of string comp
  * fix(uninstall): supersede deployed releases
  * Use latest patch release of Go in releases
  * chore(deps): bump golang.org/x/crypto from 0.45.0 to 0.46.0
  * chore(deps): bump golang.org/x/text from 0.31.0 to 0.32.0
  * chore(deps): bump golang.org/x/term from 0.37.0 to 0.38.0
  * chore(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2
  * chore(deps): bump github.com/rubenv/sql-migrate from 1.8.0 to 1.8.1
  * chore(deps): bump golang.org/x/crypto from 0.44.0 to 0.45.0
  * chore(deps): bump github.com/cyphar/filepath-securejoin
  * chore(deps): bump golang.org/x/text from 0.30.0 to 0.31.0
  * chore(deps): bump golang.org/x/crypto from 0.43.0 to 0.44.0
  * Remove dev-v3 `helm-latest-version` publish
  * chore(deps): bump golang.org/x/term from 0.36.0 to 0.37.0 1.7.28 to 1.7.29
  * Revert "pkg/registry: Login option for passing TLS config in memory"
  * jsonschema: warn and ignore unresolved URN $ref to match v3.18.4
  * Fix `helm pull` untar dir check with repo urls
  * chore(deps): bump golang.org/x/crypto from 0.42.0 to 0.43.0
  * chore(deps): bump github.com/gofrs/flock from 0.12.1 to 0.13.0
  * chore(deps): bump golang.org/x/text from 0.29.0 to 0.30.0
  * [backport] fix: get-helm-3 script use helm3-latest-version
  * pkg/registry: Login option for passing TLS config in memory
  * Fix deprecation warning
  * chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.42.0
  * chore(deps): bump golang.org/x/term from 0.34.0 to 0.35.0
  * Avoid "panic: interface conversion: interface {} is nil"
  * bump version to v3.19.0
  * chore(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10
  * fix: set repo authorizer in registry.Client.Resolve()
  * fix null merge
  * Add timeout flag to repo add and update flags
* Version 3.19.5:
  * Fixed bug where removing subchart value via override resulted in warning #31118
  * Fixed bug where helm uninstall with --keep-history did not suspend previous deployed releases #12556
  * fix(rollback): errors.Is instead of string comp 4a19a5b (Hidde Beydals)
  * fix(uninstall): supersede deployed releases 7a00235 (Hidde Beydals)
  * fix null merge 578564e (Ben Foster)
* Version 3.19.4:
  * Use latest patch release of Go in releases 7cfb6e4 (Matt Farina)
  * chore(deps): bump github.com/gofrs/flock from 0.12.1 to 0.13.0 59c951f (dependabot[bot])
  * chore(deps): bump github.com/cyphar/filepath-securejoin d45f3f1
  * chore(deps): bump golang.org/x/crypto from 0.44.0 to 0.45.0 d459544 (dependabot[bot])
  * chore(deps): bump golang.org/x/term from 0.36.0 to 0.37.0 becd387 (dependabot[bot])
  * chore(deps): bump the k8s-io group with 7 updates edb1579
* Version 3.19.3:
  * Bump golang.org/x/crypto to v0.45.0
* Version 3.19.2:
  * [backport] fix: get-helm-3 script use helm3-latest-version 8766e71 (George Jenkins)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  zypper in -t patch SUSE-SL-Micro-6.2-661=1

## Package List:

* SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64)
  * helm-3.20.2-160000.1.1
  * helm-debuginfo-3.20.2-160000.1.1
* SUSE Linux Micro 6.2 (noarch)
  * helm-bash-completion-3.20.2-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-55199.html
* https://www.suse.com/security/cve/CVE-2026-35206.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248093
* https://bugzilla.suse.com/show_bug.cgi?id=1261938

From null at suse.de Mon May 4 08:33:39 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:33:39 -0000
Subject: SUSE-SU-2026:21460-1: important: Security update for the Linux Kernel
Message-ID: <177788361937.1375.14817908177352207152@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:21460-1
Release Date: 2026-05-02T07:09:30Z
Rating: important

References:
* bsc#1262573

Cross-References:
* CVE-2026-31431

CVSS scores:
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* SUSE Linux Micro 6.2
* SUSE Linux Micro Extras 6.2

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues.

The following security issues were fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573).

## Special Instructions and Notes:

* Please reboot the system after installing this update.
## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro Extras 6.2
  zypper in -t patch SUSE-SLE-Micro-Extras-6.2-666=1

## Package List:

* SUSE Linux Micro Extras 6.2 (aarch64 ppc64le s390x x86_64)
  * kernel-obs-build-debugsource-6.12.0-160000.29.1
  * kernel-syms-6.12.0-160000.29.1
  * kernel-obs-build-6.12.0-160000.29.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262573

From null at suse.de Mon May 4 08:33:43 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:33:43 -0000
Subject: SUSE-SU-2026:21459-1: important: Security update for the Linux Kernel
Message-ID: <177788362303.1375.17703094733942782911@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:21459-1
Release Date: 2026-05-02T08:47:22Z
Rating: important
References:

* bsc#1262573

Cross-References:

* CVE-2026-31431

CVSS scores:

* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0
* SUSE Linux Micro Extras 6.0

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Micro 6.0 and 6.1 RT kernel was updated to fix one security issue.

The following security issue was fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by revert to operating out-of-place in algif_aead (bsc#1262573)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro Extras 6.0
  zypper in -t patch SUSE-SLE-Micro-Extras-6.0-kernel-370=1

## Package List:

* SUSE Linux Micro Extras 6.0 (nosrc)
  * kernel-rt-6.4.0-42.1
* SUSE Linux Micro Extras 6.0 (x86_64)
  * kernel-rt-devel-6.4.0-42.1
  * kernel-rt-devel-debuginfo-6.4.0-42.1
  * kernel-rt-debugsource-6.4.0-42.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262573

From null at suse.de Mon May 4 08:33:46 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:33:46 -0000
Subject: SUSE-SU-2026:21458-1: important: Security update for the Linux Kernel
Message-ID: <177788362654.1375.1343181443476883527@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:21458-1
Release Date: 2026-05-01T23:16:53Z
Rating: important
References:

* bsc#1262573

Cross-References:

* CVE-2026-31431

CVSS scores:

* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0
* SUSE Linux Micro Extras 6.0

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix one security issue

The following security issue was fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by revert to operating out-of-place in algif_aead (bsc#1262573).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro Extras 6.0
  zypper in -t patch SUSE-SLE-Micro-Extras-6.0-kernel-368=1

## Package List:

* SUSE Linux Micro Extras 6.0 (nosrc)
  * kernel-64kb-6.4.0-42.1
  * kernel-default-6.4.0-42.1
* SUSE Linux Micro Extras 6.0 (aarch64)
  * kernel-64kb-debugsource-6.4.0-42.1
  * kernel-64kb-devel-6.4.0-42.1
* SUSE Linux Micro Extras 6.0 (aarch64 s390x x86_64)
  * kernel-obs-build-debugsource-6.4.0-42.1
  * kernel-default-devel-6.4.0-42.1
  * kernel-default-debugsource-6.4.0-42.1
  * kernel-syms-6.4.0-42.1
  * kernel-obs-build-6.4.0-42.1
* SUSE Linux Micro Extras 6.0 (x86_64)
  * kernel-default-devel-debuginfo-6.4.0-42.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262573

From null at suse.de Mon May 4 08:33:47 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:33:47 -0000
Subject: SUSE-SU-2026:21457-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_20
Message-ID: <177788362773.1375.2431095747938880106@dde0e951fc7e>

# Security update for kernel-livepatch-MICRO-6-0-RT_Update_20

Announcement ID: SUSE-SU-2026:21457-1
Release Date: 2026-05-02T08:51:37Z
Rating: important
References:

Affected Products:

* SUSE Linux Micro 6.1

An update that can now be installed.

## Description:

This update for kernel-livepatch-MICRO-6-0-RT_Update_20 fixes the following issues:

This is the initial kernel RT livepatch for update 20.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-371=1

## Package List:

* SUSE Linux Micro 6.1 (x86_64)
  * kernel-livepatch-MICRO-6-0-RT_Update_20-debugsource-1-1.1
  * kernel-livepatch-6_4_0-42-rt-debuginfo-1-1.1
  * kernel-livepatch-6_4_0-42-rt-1-1.1

From null at suse.de Mon May 4 08:33:49 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:33:49 -0000
Subject: SUSE-SU-2026:21456-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_19
Message-ID: <177788362952.1375.536671022208195023@dde0e951fc7e>

# Security update for kernel-livepatch-MICRO-6-0_Update_19

Announcement ID: SUSE-SU-2026:21456-1
Release Date: 2026-05-01T21:26:43Z
Rating: important
References:

Affected Products:

* SUSE Linux Micro 6.1

An update that can now be installed.

## Description:

This update for kernel-livepatch-MICRO-6-0_Update_19 fixes the following issues:

This is the initial livepatch for Update 19.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-369=1

## Package List:

* SUSE Linux Micro 6.1 (s390x x86_64)
  * kernel-livepatch-MICRO-6-0_Update_19-debugsource-1-1.1
  * kernel-livepatch-6_4_0-42-default-debuginfo-1-1.1
  * kernel-livepatch-6_4_0-42-default-1-1.1
From null at suse.de Mon May 4 08:33:56 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:33:56 -0000
Subject: SUSE-SU-2026:21455-1: moderate: Security update for openCryptoki
Message-ID: <177788363660.1375.18279472856423865395@dde0e951fc7e>

# Security update for openCryptoki

Announcement ID: SUSE-SU-2026:21455-1
Release Date: 2026-04-27T12:00:49Z
Rating: moderate
References:

* bsc#1248002
* bsc#1257116
* bsc#1262283

Cross-References:

* CVE-2026-23893
* CVE-2026-40253

CVSS scores:

* CVE-2026-23893 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
* CVE-2026-23893 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
* CVE-2026-40253 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-40253 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-40253 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-40253 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves two vulnerabilities and has one fix can now be installed.

## Description:

This update for openCryptoki fixes the following issues:

* CVE-2026-23893: use of symlinks in group-writable token directories can lead to privilege escalation and data exposure (bsc#1257116).
* CVE-2026-40253: malformed BER-encoded cryptographic objects can lead to information disclosure and denial of service (bsc#1262283).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-511=1

## Package List:

* SUSE Linux Micro 6.1 (s390x)
  * openCryptoki-3.23.0-slfo.1.1_2.1
  * openCryptoki-debuginfo-3.23.0-slfo.1.1_2.1
  * openCryptoki-debugsource-3.23.0-slfo.1.1_2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-23893.html
* https://www.suse.com/security/cve/CVE-2026-40253.html
* https://bugzilla.suse.com/show_bug.cgi?id=1248002
* https://bugzilla.suse.com/show_bug.cgi?id=1257116
* https://bugzilla.suse.com/show_bug.cgi?id=1262283

From null at suse.de Mon May 4 08:34:00 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:34:00 -0000
Subject: SUSE-SU-2026:21454-1: important: Security update for the Linux Kernel
Message-ID: <177788364009.1375.1158216326164572925@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:21454-1
Release Date: 2026-05-02T10:03:34Z
Rating: important
References:

* bsc#1262573

Cross-References:

* CVE-2026-31431

CVSS scores:

* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Micro 6.0 and 6.1 RT kernel was updated to fix one security issue.

The following security issue was fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by revert to operating out-of-place in algif_aead (bsc#1262573)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-370=1

## Package List:

* SUSE Linux Micro 6.1 (noarch)
  * kernel-devel-rt-6.4.0-42.1
  * kernel-source-rt-6.4.0-42.1
* SUSE Linux Micro 6.1 (aarch64 nosrc x86_64)
  * kernel-rt-6.4.0-42.1
* SUSE Linux Micro 6.1 (aarch64 x86_64)
  * kernel-rt-devel-6.4.0-42.1
  * kernel-rt-debugsource-6.4.0-42.1
  * kernel-rt-debuginfo-6.4.0-42.1
* SUSE Linux Micro 6.1 (x86_64)
  * kernel-rt-devel-debuginfo-6.4.0-42.1
  * kernel-rt-livepatch-6.4.0-42.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262573

From null at suse.de Mon May 4 08:34:04 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:34:04 -0000
Subject: SUSE-SU-2026:21453-1: important: Security update for the Linux Kernel
Message-ID: <177788364443.1375.9894859136223415279@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:21453-1
Release Date: 2026-05-01T23:16:53Z
Rating: important
References:

* bsc#1262573

Cross-References:

* CVE-2026-31431

CVSS scores:

* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix one security issue

The following security issue was fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by revert to operating out-of-place in algif_aead (bsc#1262573).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-368=1

## Package List:

* SUSE Linux Micro 6.1 (aarch64 ppc64le x86_64)
  * kernel-default-base-6.4.0-42.1.21.19
* SUSE Linux Micro 6.1 (noarch)
  * kernel-macros-6.4.0-42.1
  * kernel-devel-6.4.0-42.1
  * kernel-source-6.4.0-42.1
* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64 nosrc)
  * kernel-default-6.4.0-42.1
* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
  * kernel-default-debugsource-6.4.0-42.1
  * kernel-default-debuginfo-6.4.0-42.1
  * kernel-default-devel-6.4.0-42.1
* SUSE Linux Micro 6.1 (ppc64le x86_64)
  * kernel-default-devel-debuginfo-6.4.0-42.1
* SUSE Linux Micro 6.1 (s390x x86_64)
  * kernel-default-livepatch-6.4.0-42.1
* SUSE Linux Micro 6.1 (nosrc x86_64)
  * kernel-kvmsmall-6.4.0-42.1
* SUSE Linux Micro 6.1 (x86_64)
  * kernel-kvmsmall-debugsource-6.4.0-42.1
  * kernel-kvmsmall-debuginfo-6.4.0-42.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262573
From null at suse.de Mon May 4 08:34:16 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:34:16 -0000
Subject: SUSE-SU-2026:21452-1: important: Security update for curl
Message-ID: <177788365685.1375.16148094364054887120@dde0e951fc7e>

# Security update for curl

Announcement ID: SUSE-SU-2026:21452-1
Release Date: 2026-04-30T14:47:08Z
Rating: important
References:

* bsc#1259362
* bsc#1262631
* bsc#1262632
* bsc#1262635
* bsc#1262636
* bsc#1262638

Cross-References:

* CVE-2026-1965
* CVE-2026-4873
* CVE-2026-5545
* CVE-2026-6253
* CVE-2026-6276
* CVE-2026-6429

CVSS scores:

* CVE-2026-1965 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
* CVE-2026-1965 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
* CVE-2026-1965 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-4873 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-4873 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-5545 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-5545 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
* CVE-2026-6253 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-6253 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-6276 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-6276 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-6429 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-6429 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* SUSE Linux Micro 6.1

An update that solves six vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

Security issues fixed:

* CVE-2026-4873: connection reuse ignores TLS requirement (bsc#1262631).
* CVE-2026-5545: wrong reuse of HTTP Negotiate connection (bsc#1262632).
* CVE-2026-6253: proxy credentials leak over redirect-to proxy (bsc#1262635).
* CVE-2026-6276: stale custom cookie host causes cookie leak (bsc#1262636).
* CVE-2026-6429: netrc credential leak with reused proxy connection (bsc#1262638).

Other updates and bugfixes:

* sws: prevent "connection monitor" to say disconnect twice (bsc#1259362).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-517=1

## Package List:

* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
  * curl-8.14.1-slfo.1.1_7.1
  * libcurl4-8.14.1-slfo.1.1_7.1
  * curl-debugsource-8.14.1-slfo.1.1_7.1
  * libcurl4-debuginfo-8.14.1-slfo.1.1_7.1
  * curl-debuginfo-8.14.1-slfo.1.1_7.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1965.html
* https://www.suse.com/security/cve/CVE-2026-4873.html
* https://www.suse.com/security/cve/CVE-2026-5545.html
* https://www.suse.com/security/cve/CVE-2026-6253.html
* https://www.suse.com/security/cve/CVE-2026-6276.html
* https://www.suse.com/security/cve/CVE-2026-6429.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259362
* https://bugzilla.suse.com/show_bug.cgi?id=1262631
* https://bugzilla.suse.com/show_bug.cgi?id=1262632
* https://bugzilla.suse.com/show_bug.cgi?id=1262635
* https://bugzilla.suse.com/show_bug.cgi?id=1262636
* https://bugzilla.suse.com/show_bug.cgi?id=1262638
From null at suse.de Mon May 4 08:34:26 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:34:26 -0000
Subject: SUSE-RU-2026:21451-1: moderate: Recommended update for libzypp, zypper
Message-ID: <177788366649.1375.9763235678840937587@dde0e951fc7e>

# Recommended update for libzypp, zypper

Announcement ID: SUSE-RU-2026:21451-1
Release Date: 2026-04-30T08:41:59Z
Rating: moderate
References:

* bsc#1239718
* bsc#1246504
* bsc#1253193
* bsc#1259706
* bsc#1259842

Affected Products:

* SUSE Linux Micro 6.1

An update that has five fixes can now be installed.

## Description:

This update for libzypp, zypper fixes the following issues:

Changes in libzypp:

* Update to version 17.38.7:
  * Fix purge-kernel -rc kernel handling (bsc#1239718)
  * Explicitly_set_pool_DISTTYPE_RPM
* Update to version 17.38.6:
  * Check for trusted key updates when updating the general keyring (bsc#1259706)
  * Support multiple MirroredOrigin authorities (bsc#1253193)
  * Workaround a doxygen bug
  * libzypp.spec: Add missing graphviz-gd BuildRequires (bsc#1259842)

Changes in zypper:

* Update to version 1.14.96:
  * Autorefresh ris-services the way as plugin-services (bsc#1246504)
    It's actually wrong to treat service refreshes different depending on the service type. For the purpose of a service it makes no difference how the data about the repos to use are acquired.

## Special Instructions and Notes:

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-516=1

## Package List:

* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
  * zypper-1.14.96-slfo.1.1_1.1
  * libzypp-debuginfo-17.38.7-slfo.1.1_1.1
  * libzypp-debugsource-17.38.7-slfo.1.1_1.1
  * zypper-debuginfo-1.14.96-slfo.1.1_1.1
  * libzypp-17.38.7-slfo.1.1_1.1
  * zypper-debugsource-1.14.96-slfo.1.1_1.1
* SUSE Linux Micro 6.1 (noarch)
  * zypper-needs-restarting-1.14.96-slfo.1.1_1.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1239718
* https://bugzilla.suse.com/show_bug.cgi?id=1246504
* https://bugzilla.suse.com/show_bug.cgi?id=1253193
* https://bugzilla.suse.com/show_bug.cgi?id=1259706
* https://bugzilla.suse.com/show_bug.cgi?id=1259842

From null at suse.de Mon May 4 08:34:29 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:34:29 -0000
Subject: SUSE-SU-2026:21450-1: moderate: Security update for vim
Message-ID: <177788366916.1375.10119140287277445988@dde0e951fc7e>

# Security update for vim

Announcement ID: SUSE-SU-2026:21450-1
Release Date: 2026-04-29T11:29:57Z
Rating: moderate
References:

* bsc#1261833

Cross-References:

* CVE-2026-39881

CVSS scores:

* CVE-2026-39881 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39881 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
* CVE-2026-39881 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N
* CVE-2026-39881 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves one vulnerability can now be installed.

## Description:

This update for vim fixes the following issue:

Update to version 9.2.0398.
Security issues fixed:

* CVE-2026-39881: missing sanitization in `defineAnnoType` and `specialKeys` can lead to arbitrary Ex command injection via a malicious NetBeans server (bsc#1261833).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-515=1

## Package List:

* SUSE Linux Micro 6.1 (noarch)
  * vim-data-common-9.2.0398-slfo.1.1_1.1
* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
  * vim-small-9.2.0398-slfo.1.1_1.1
  * vim-small-debuginfo-9.2.0398-slfo.1.1_1.1
  * vim-debugsource-9.2.0398-slfo.1.1_1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-39881.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261833

From null at suse.de Mon May 4 08:34:30 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:34:30 -0000
Subject: SUSE-RU-2026:21449-1: moderate: Recommended update for mozilla-nss
Message-ID: <177788367092.1375.7082500778386511312@dde0e951fc7e>

# Recommended update for mozilla-nss

Announcement ID: SUSE-RU-2026:21449-1
Release Date: 2026-04-28T14:55:34Z
Rating: moderate
References:

* jsc#PED-15633

Affected Products:

* SUSE Linux Micro 6.1

An update that contains one feature can now be installed.

## Description:

This update for mozilla-nss fixes the following issues:

Update to NSS 3.112.5:

* reject DTLS 1.3 Server Hello after HVR without capping ss->vrange.max.
* update to version 2.84 of builtins module.
* Added "Suggests: p11-kit-nss-trust" to favor over mozilla-nss-certs (Jira:jsc#PED-15633)

Update to NSS 3.112.4:

* improve error handling in PK11_ImportPrivateKeyInfoAndReturnKey.
* Improving the allocation of S/MIME DecryptSymKey.
* store email on subject cache_entry in NSS trust domain.
* Heap use-after-free in cert_VerifyCertChainOld via dangling certsList[] entry on NameConstraints violation.
* Improve size calculations in CMS content buffering.
* avoid integer overflow while escaping RFC822 Names.
* Reject excessively large ASN.1 SEQUENCE OF in quickder.
* Deep copy profile data in CERT_FindSMimeProfile.
* Improve input validation in DSAU signature decoding.
* avoid integer overflow in RSA_EMSAEncodePSS.
* RSA_EMSAEncodePSS should validate the length of mHash.
* Add a maximum cert uncompressed len and tests.
* Clarify extension negotiation mechanism for TLS Handshakes.
* ensure permittedSubtrees don't match wildcards that could be outside the permitted tree.
* Fix integer underflow in tls13_AEAD when ciphertext is shorter than tag.
* Remove invalid PORT_Free().
* free digest objects in SEC_PKCS7DecoderFinish if they haven't already been freed.
* make ss->ssl3.hs.cookie an owned-copy of the cookie.

Update to NSS 3.112.3:

* avoid integer overflow in platform-independent ghash

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-514=1

## Package List:

* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
  * libfreebl3-3.112.5-slfo.1.1_1.1
  * mozilla-nss-certs-3.112.5-slfo.1.1_1.1
  * libsoftokn3-debuginfo-3.112.5-slfo.1.1_1.1
  * mozilla-nss-tools-debuginfo-3.112.5-slfo.1.1_1.1
  * libsoftokn3-3.112.5-slfo.1.1_1.1
  * mozilla-nss-tools-3.112.5-slfo.1.1_1.1
  * mozilla-nss-3.112.5-slfo.1.1_1.1
  * mozilla-nss-debuginfo-3.112.5-slfo.1.1_1.1
  * libfreebl3-debuginfo-3.112.5-slfo.1.1_1.1
  * mozilla-nss-debugsource-3.112.5-slfo.1.1_1.1
  * mozilla-nss-certs-debuginfo-3.112.5-slfo.1.1_1.1

## References:

* https://jira.suse.com/browse/PED-15633
From null at suse.de Mon May 4 08:34:35 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:34:35 -0000
Subject: SUSE-SU-2026:21448-1: moderate: Security update for sed
Message-ID: <177788367507.1375.13965454243894073653@dde0e951fc7e>

# Security update for sed

Announcement ID: SUSE-SU-2026:21448-1
Release Date: 2026-04-27T17:14:51Z
Rating: moderate
References:

* bsc#1262144

Cross-References:

* CVE-2026-5958

CVSS scores:

* CVE-2026-5958 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N
* CVE-2026-5958 ( SUSE ): 6.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N
* CVE-2026-5958 ( NVD ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* SUSE Linux Micro 6.1

An update that solves one vulnerability can now be installed.

## Description:

This update for sed fixes the following issue:

* CVE-2026-5958: TOCTOU race allows write of user-controlled content to unintended files and can lead to arbitrary file overwrite (bsc#1262144).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-513=1

## Package List:

* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
  * sed-4.9-slfo.1.1_2.1
  * sed-debugsource-4.9-slfo.1.1_2.1
  * sed-debuginfo-4.9-slfo.1.1_2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-5958.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262144
From null at suse.de Mon May 4 08:34:38 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:34:38 -0000
Subject: SUSE-SU-2026:21447-1: moderate: Security update for python311
Message-ID: <177788367812.1375.8834845083509469245@dde0e951fc7e>

# Security update for python311

Announcement ID: SUSE-SU-2026:21447-1
Release Date: 2026-04-27T12:30:50Z
Rating: moderate
References:

* bsc#1261970

Cross-References:

* CVE-2026-3446

CVSS scores:

* CVE-2026-3446 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-3446 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-3446 ( NVD ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* SUSE Linux Micro 6.1

An update that solves one vulnerability can now be installed.

## Description:

This update for python311 fixes the following issue:

* CVE-2026-3446: base64 decoding stops at first padded quad by default and ignores other information that could be processed (bsc#1261970).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-510=1

## Package List:

* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
  * libpython3_11-1_0-3.11.15-slfo.1.1_4.1
  * python311-curses-debuginfo-3.11.15-slfo.1.1_4.1
  * python311-base-debuginfo-3.11.15-slfo.1.1_4.1
  * python311-debuginfo-3.11.15-slfo.1.1_4.1
  * libpython3_11-1_0-debuginfo-3.11.15-slfo.1.1_4.1
  * python311-base-3.11.15-slfo.1.1_4.1
  * python311-curses-3.11.15-slfo.1.1_4.1
  * python311-debugsource-3.11.15-slfo.1.1_4.1
  * python311-core-debugsource-3.11.15-slfo.1.1_4.1
  * python311-3.11.15-slfo.1.1_4.1

## References:

* https://www.suse.com/security/cve/CVE-2026-3446.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261970

From null at suse.de Mon May 4 08:34:41 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:34:41 -0000
Subject: SUSE-SU-2026:21446-1: important: Security update for freeipmi
Message-ID: <177788368148.1375.862631676607128344@dde0e951fc7e>

# Security update for freeipmi

Announcement ID: SUSE-SU-2026:21446-1
Release Date: 2026-04-27T12:27:43Z
Rating: important
References:

* bsc#1260414

Cross-References:

* CVE-2026-33554

CVSS scores:

* CVE-2026-33554 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-33554 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2026-33554 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves one vulnerability can now be installed.

## Description:

This update for freeipmi fixes the following issue:

* CVE-2026-33554: improper memory handling and data validation can lead to stack buffer overflows and acceptance of malformed payloads/responses (bsc#1260414).
## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-512=1

## Package List:

* SUSE Linux Micro 6.1 (aarch64 x86_64)
  * libfreeipmi17-1.6.14-slfo.1.1_2.1
  * libfreeipmi17-debuginfo-1.6.14-slfo.1.1_2.1
  * freeipmi-debugsource-1.6.14-slfo.1.1_2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-33554.html
* https://bugzilla.suse.com/show_bug.cgi?id=1260414

From null at suse.de Mon May 4 08:34:50 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:34:50 -0000
Subject: SUSE-SU-2026:21445-1: moderate: Security update for avahi
Message-ID: <177788369024.1375.4180833947860018631@dde0e951fc7e>

# Security update for avahi

Announcement ID: SUSE-SU-2026:21445-1
Release Date: 2026-04-27T12:27:43Z
Rating: moderate
References:

* bsc#1256498
* bsc#1256499
* bsc#1256500

Cross-References:

* CVE-2025-68276
* CVE-2025-68468
* CVE-2025-68471

CVSS scores:

* CVE-2025-68276 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68276 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68276 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68468 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68468 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-68468 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-68471 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-68471 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-68471 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves three vulnerabilities can now be
installed.

## Description:

This update for avahi fixes the following issues:

* CVE-2025-68276: reachable assertion in `avahi_wide_area_scan_cache` can lead to an `avahi-daemon` crash (bsc#1256498).
* CVE-2025-68468: reachable assertion in `lookup_multicast_callback` can lead to an `avahi-daemon` crash (bsc#1256499).
* CVE-2025-68471: reachable assertion in `lookup_start` can lead to an `avahi-daemon` crash (bsc#1256500).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-509=1

## Package List:

* SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64)
  * libavahi-common3-0.8-slfo.1.1_6.1
  * avahi-0.8-slfo.1.1_6.1
  * avahi-debuginfo-0.8-slfo.1.1_6.1
  * libavahi-core7-debuginfo-0.8-slfo.1.1_6.1
  * libavahi-client3-0.8-slfo.1.1_6.1
  * avahi-debugsource-0.8-slfo.1.1_6.1
  * libavahi-client3-debuginfo-0.8-slfo.1.1_6.1
  * libavahi-core7-0.8-slfo.1.1_6.1
  * libavahi-common3-debuginfo-0.8-slfo.1.1_6.1

## References:

* https://www.suse.com/security/cve/CVE-2025-68276.html
* https://www.suse.com/security/cve/CVE-2025-68468.html
* https://www.suse.com/security/cve/CVE-2025-68471.html
* https://bugzilla.suse.com/show_bug.cgi?id=1256498
* https://bugzilla.suse.com/show_bug.cgi?id=1256499
* https://bugzilla.suse.com/show_bug.cgi?id=1256500
URL: From null at suse.de Mon May 4 08:34:51 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:34:51 -0000 Subject: SUSE-SU-2026:21444-1: important: Security update for kernel-livepatch-MICRO-6-0-RT_Update_20 Message-ID: <177788369158.1375.8821182779339909030@dde0e951fc7e> # Security update for kernel-livepatch-MICRO-6-0-RT_Update_20 Announcement ID: SUSE-SU-2026:21444-1 Release Date: 2026-05-02T08:51:37Z Rating: important References: Affected Products: * SUSE Linux Micro 6.0 An update that can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_20 fixes the following issues: This is the initial kernel RT livepatch for update 20. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-371=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_20-debugsource-1-1.1 * kernel-livepatch-6_4_0-42-rt-debuginfo-1-1.1 * kernel-livepatch-6_4_0-42-rt-1-1.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 4 08:34:55 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:34:55 -0000 Subject: SUSE-SU-2026:21443-1: important: Security update for the Linux Kernel Message-ID: <177788369577.1375.13166061437278414831@dde0e951fc7e> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21443-1 Release Date: 2026-05-02T08:47:22Z Rating: important References: * bsc#1262573 Cross-References: * CVE-2026-31431 CVSS scores: * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. 
## Description: The SUSE Linux Micro 6.0 and 6.1 RT kernel was updated to fix one security issue. The following security issue was fixed: * CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-370=1 ## Package List: * SUSE Linux Micro 6.0 (noarch) * kernel-devel-rt-6.4.0-42.1 * kernel-source-rt-6.4.0-42.1 * SUSE Linux Micro 6.0 (nosrc x86_64) * kernel-rt-6.4.0-42.1 * SUSE Linux Micro 6.0 (x86_64) * kernel-rt-livepatch-6.4.0-42.1 * kernel-rt-debugsource-6.4.0-42.1 * kernel-rt-debuginfo-6.4.0-42.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1262573 From null at suse.de Mon May 4 08:35:00 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:35:00 -0000 Subject: SUSE-SU-2026:21441-1: important: Security update for kernel-livepatch-MICRO-6-0_Update_19 Message-ID: <177788370040.1375.3080579518568113117@dde0e951fc7e> # Security update for kernel-livepatch-MICRO-6-0_Update_19 Announcement ID: SUSE-SU-2026:21441-1 Release Date: 2026-05-01T21:54:55Z Rating: important References: Affected Products: * SUSE Linux Micro 6.0 An update that can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0_Update_19 fixes the following issues: This is the initial livepatch for Update 19. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-369=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_19-debugsource-1-1.1 * kernel-livepatch-6_4_0-42-default-debuginfo-1-1.1 * kernel-livepatch-6_4_0-42-default-1-1.1 From null at suse.de Mon May 4 08:34:58 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:34:58 -0000 Subject: SUSE-SU-2026:21442-1: important: Security update for the Linux Kernel Message-ID: <177788369899.1375.17292397670431104102@dde0e951fc7e> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21442-1 Release Date: 2026-05-01T21:55:29Z Rating: important References: * bsc#1262573 Cross-References: * CVE-2026-31431 CVSS scores: * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix one security issue. The following security issue was fixed: * CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-368=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 x86_64) * kernel-default-base-6.4.0-42.1.21.19 * SUSE Linux Micro 6.0 (noarch) * kernel-macros-6.4.0-42.1 * kernel-devel-6.4.0-42.1 * kernel-source-6.4.0-42.1 * SUSE Linux Micro 6.0 (aarch64 nosrc s390x x86_64) * kernel-default-6.4.0-42.1 * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * kernel-default-debugsource-6.4.0-42.1 * kernel-default-debuginfo-6.4.0-42.1 * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-default-livepatch-6.4.0-42.1 * SUSE Linux Micro 6.0 (nosrc x86_64) * kernel-kvmsmall-6.4.0-42.1 * SUSE Linux Micro 6.0 (x86_64) * kernel-kvmsmall-debugsource-6.4.0-42.1 * kernel-kvmsmall-debuginfo-6.4.0-42.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1262573 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 4 08:35:17 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:35:17 -0000 Subject: SUSE-SU-2026:21440-1: important: Security update for ovmf Message-ID: <177788371757.1375.273373201978856851@dde0e951fc7e> # Security update for ovmf Announcement ID: SUSE-SU-2026:21440-1 Release Date: 2026-04-24T13:08:28Z Rating: important References: * bsc#1259362 * bsc#1261469 * bsc#1261476 * bsc#1261477 * bsc#1261478 * bsc#1262631 * bsc#1262632 * bsc#1262635 * bsc#1262636 * bsc#1262638 Cross-References: * CVE-2026-1965 * CVE-2026-25833 * CVE-2026-25834 * CVE-2026-25835 * CVE-2026-34874 * CVE-2026-4873 * CVE-2026-5545 * CVE-2026-6253 * CVE-2026-6276 * CVE-2026-6429 CVSS scores: * CVE-2026-1965 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2026-1965 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N * CVE-2026-1965 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-25833 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-25833 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25833 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25834 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-25834 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-25834 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-25835 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-25835 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-25835 ( NVD ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-34874 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34874 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34874 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-4873 ( SUSE ): 6.3 
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-4873 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-5545 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-5545 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2026-6253 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-6253 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-6276 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-6276 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6429 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-6429 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro 6.1 An update that solves 10 vulnerabilities can now be installed. ## Security update for ovmf ### Description: This update for ovmf fixes the following issues: * CVE-2026-25833: mbedtls: buffer overflow in the `x509_inet_pton_ipv6()` function (bsc#1261476). * CVE-2026-25834: mbedtls: client accepts signature algorithm chosen by server even if not advertised in client hello (bsc#1261477). * CVE-2026-25835: mbedtls: no pseudo-random number generator reseed when cloning an application (bsc#1261478). * CVE-2026-34874: mbedtls: NULL pointer dereference in distinguished name parsing (bsc#1261469). ## Security update for curl ### Description: This update for curl fixes the following issues: Security issues fixed: * CVE-2026-4873: connection reuse ignores TLS requirement (bsc#1262631). * CVE-2026-5545: wrong reuse of HTTP Negotiate connection (bsc#1262632). * CVE-2026-6253: proxy credentials leak over redirect-to proxy (bsc#1262635). * CVE-2026-6276: stale custom cookie host causes cookie leak (bsc#1262636). * CVE-2026-6429: netrc credential leak with reused proxy connection (bsc#1262638). 
Other updates and bugfixes: * sws: prevent "connection monitor" to say disconnect twice (bsc#1259362). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-508=1 * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-695=1 ## Package List: * SUSE Linux Micro 6.1 (noarch) * qemu-ovmf-x86_64-202402-slfo.1.1_3.1 * qemu-uefi-aarch64-202402-slfo.1.1_3.1 * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * curl-debuginfo-8.14.1-6.1 * curl-debugsource-8.14.1-6.1 * libcurl4-debuginfo-8.14.1-6.1 * libcurl4-8.14.1-6.1 * curl-8.14.1-6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1965.html * https://www.suse.com/security/cve/CVE-2026-25833.html * https://www.suse.com/security/cve/CVE-2026-25834.html * https://www.suse.com/security/cve/CVE-2026-25835.html * https://www.suse.com/security/cve/CVE-2026-34874.html * https://www.suse.com/security/cve/CVE-2026-4873.html * https://www.suse.com/security/cve/CVE-2026-5545.html * https://www.suse.com/security/cve/CVE-2026-6253.html * https://www.suse.com/security/cve/CVE-2026-6276.html * https://www.suse.com/security/cve/CVE-2026-6429.html * https://bugzilla.suse.com/show_bug.cgi?id=1259362 * https://bugzilla.suse.com/show_bug.cgi?id=1261469 * https://bugzilla.suse.com/show_bug.cgi?id=1261476 * https://bugzilla.suse.com/show_bug.cgi?id=1261477 * https://bugzilla.suse.com/show_bug.cgi?id=1261478 * https://bugzilla.suse.com/show_bug.cgi?id=1262631 * https://bugzilla.suse.com/show_bug.cgi?id=1262632 * https://bugzilla.suse.com/show_bug.cgi?id=1262635 * https://bugzilla.suse.com/show_bug.cgi?id=1262636 * https://bugzilla.suse.com/show_bug.cgi?id=1262638
From null at suse.de Mon May 4 08:35:22 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:35:22 -0000 Subject: SUSE-SU-2026:21439-1: important: Security update for the Linux Kernel Message-ID: <177788372257.1375.8326547265301360618@dde0e951fc7e> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:21439-1 Release Date: 2026-05-02T07:27:55Z Rating: important References: * bsc#1262573 Cross-References: * CVE-2026-31431 CVSS scores: * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues. The following security issues were fixed: * CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-666=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-666=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * cluster-md-kmp-default-6.12.0-160000.29.1 * dlm-kmp-default-debuginfo-6.12.0-160000.29.1 * cluster-md-kmp-default-debuginfo-6.12.0-160000.29.1 * kernel-kvmsmall-debugsource-6.12.0-160000.29.1 * kernel-default-base-6.12.0-160000.29.1.160000.2.9 * dlm-kmp-default-6.12.0-160000.29.1 * kernel-default-devel-6.12.0-160000.29.1 * kernel-default-extra-debuginfo-6.12.0-160000.29.1 * gfs2-kmp-default-debuginfo-6.12.0-160000.29.1 * kernel-kvmsmall-debuginfo-6.12.0-160000.29.1 * kernel-default-extra-6.12.0-160000.29.1 * kernel-obs-qa-6.12.0-160000.29.1 * kernel-default-debuginfo-6.12.0-160000.29.1 * gfs2-kmp-default-6.12.0-160000.29.1 * kernel-syms-6.12.0-160000.29.1 * kernel-default-debugsource-6.12.0-160000.29.1 * kernel-kvmsmall-devel-6.12.0-160000.29.1 * kernel-default-livepatch-6.12.0-160000.29.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * kernel-docs-html-6.12.0-160000.29.1 * kernel-source-vanilla-6.12.0-160000.29.1 * kernel-source-6.12.0-160000.29.1 * kernel-devel-6.12.0-160000.29.1 * kernel-macros-6.12.0-160000.29.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (nosrc x86_64) * kernel-azure-6.12.0-160000.29.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * kernel-kvmsmall-vdso-debuginfo-6.12.0-160000.29.1 * kernel-azure-devel-6.12.0-160000.29.1 * kernel-azure-extra-6.12.0-160000.29.1 * kernel-azure-vdso-6.12.0-160000.29.1 * kernel-default-vdso-debuginfo-6.12.0-160000.29.1 * kernel-azure-debugsource-6.12.0-160000.29.1 * kernel-default-vdso-6.12.0-160000.29.1 * kernel-default-devel-debuginfo-6.12.0-160000.29.1 * kernel-azure-extra-debuginfo-6.12.0-160000.29.1 * 
kernel-azure-vdso-debuginfo-6.12.0-160000.29.1 * kernel-azure-devel-debuginfo-6.12.0-160000.29.1 * kernel-azure-debuginfo-6.12.0-160000.29.1 * kernel-kvmsmall-devel-debuginfo-6.12.0-160000.29.1 * kernel-kvmsmall-vdso-6.12.0-160000.29.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (nosrc ppc64le x86_64) * kernel-default-6.12.0-160000.29.1 * kernel-kvmsmall-6.12.0-160000.29.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch nosrc) * kernel-docs-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le x86_64) * kernel-kvmsmall-debuginfo-6.12.0-160000.29.1 * kernel-kvmsmall-debugsource-6.12.0-160000.29.1 * kernel-default-base-6.12.0-160000.29.1.160000.2.9 * kernel-kvmsmall-devel-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (noarch) * kernel-docs-html-6.12.0-160000.29.1 * kernel-source-vanilla-6.12.0-160000.29.1 * kernel-source-6.12.0-160000.29.1 * kernel-devel-6.12.0-160000.29.1 * kernel-macros-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (aarch64 nosrc) * kernel-64kb-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (aarch64) * kernel-64kb-extra-6.12.0-160000.29.1 * kernel-64kb-debuginfo-6.12.0-160000.29.1 * kernel-64kb-extra-debuginfo-6.12.0-160000.29.1 * kernel-64kb-debugsource-6.12.0-160000.29.1 * kernel-64kb-devel-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (aarch64 nosrc x86_64) * kernel-azure-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (aarch64 x86_64) * kernel-azure-devel-6.12.0-160000.29.1 * kernel-azure-extra-6.12.0-160000.29.1 * kernel-azure-debugsource-6.12.0-160000.29.1 * kernel-azure-extra-debuginfo-6.12.0-160000.29.1 * kernel-azure-debuginfo-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * kernel-obs-qa-6.12.0-160000.29.1 * kernel-default-devel-6.12.0-160000.29.1 * kernel-default-extra-debuginfo-6.12.0-160000.29.1 * 
kernel-default-extra-6.12.0-160000.29.1 * kernel-default-debuginfo-6.12.0-160000.29.1 * kernel-syms-6.12.0-160000.29.1 * kernel-default-debugsource-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (noarch nosrc) * kernel-docs-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (x86_64) * kernel-kvmsmall-vdso-debuginfo-6.12.0-160000.29.1 * kernel-azure-vdso-6.12.0-160000.29.1 * kernel-default-vdso-debuginfo-6.12.0-160000.29.1 * kernel-default-vdso-6.12.0-160000.29.1 * kernel-default-devel-debuginfo-6.12.0-160000.29.1 * kernel-azure-vdso-debuginfo-6.12.0-160000.29.1 * kernel-azure-devel-debuginfo-6.12.0-160000.29.1 * kernel-kvmsmall-devel-debuginfo-6.12.0-160000.29.1 * kernel-kvmsmall-vdso-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-default-livepatch-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (nosrc s390x) * kernel-zfcpdump-6.12.0-160000.29.1 * SUSE Linux Enterprise Server 16.0 (s390x) * kernel-zfcpdump-debuginfo-6.12.0-160000.29.1 * kernel-zfcpdump-debugsource-6.12.0-160000.29.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1262573 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 4 08:35:23 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:35:23 -0000 Subject: SUSE-RU-2026:21438-1: important: Recommended update for the initial kernel livepatch Message-ID: <177788372392.1375.15837289530316701592@dde0e951fc7e> # Recommended update for the initial kernel livepatch Announcement ID: SUSE-RU-2026:21438-1 Release Date: 2026-05-02T07:26:35Z Rating: important References: Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that can now be installed. 
## Description: This update contains initial livepatches for the SUSE Linux Enterprise Server 16.0 and SUSE Linux Micro 6.2 kernel update. ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-667=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-667=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-SLE16_Update_8-debugsource-1-160000.1.1 * kernel-livepatch-6_12_0-160000_29-default-debuginfo-1-160000.1.1 * kernel-livepatch-6_12_0-160000_29-default-1-160000.1.1 * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_8-debugsource-1-160000.1.1 * kernel-livepatch-6_12_0-160000_29-default-debuginfo-1-160000.1.1 * kernel-livepatch-6_12_0-160000_29-default-1-160000.1.1 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 4 08:35:29 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:35:29 -0000 Subject: SUSE-SU-2026:21437-1: moderate: Security update for himmelblau Message-ID: <177788372929.1375.4840085272339390858@dde0e951fc7e> # Security update for himmelblau Announcement ID: SUSE-SU-2026:21437-1 Release Date: 2026-04-30T17:06:48Z Rating: moderate References: * bsc#1261324 * bsc#1261613 Cross-References: * CVE-2026-34397 CVSS scores: * CVE-2026-34397 ( SUSE ): 7.2 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-34397 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-34397 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-34397 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for himmelblau fixes the following issues: Update to version 2.3.9+git0.a9fd29b. Security issues fixed: * CVE-2026-34397: Fixed naming collision that can lead to local privilege escalation (bsc#1261324). 
Other updates and bugfixes: * update aws-lc-sys to 0.39.0 for security fixes * update rustls-webpki to 0.103.10 for CRL revocation fix * Version 2.3.9: * packaging: fix if/else block for debian's postrm * Update apparmor.unix-chkpwd.local (Issue #1252) * When Hello user encounters SSPR demand, be permissive * add tests for sudo_groups functionality * Fix config tests to ignore local host config * Do not clear $NOTIFY_SOCKET when calling sd_ready * Fix token cache 24h purge * broker: use SSO server nonce for PRT only when provided * Fix pam_himmelblau blocking local user password changes (#1199) * Remove unused File import * Use is_ascii_alphanumeric() for account_id validation * Fix path traversal in LoadProfilePhoto AccountsService writes * Drop initialization tracing span * himmelblau-hsm-pin-init: drop RemainAfterExit=yes * Add fallback behavior when consent is required * qr-greeter: enable extension without socket noise * debian: make install/remove noninteractive; reduce QR postinst noise; soften missing hello prt * Never respond with BadRequest without error detail * deps(rust): bump the all-cargo-updates group across 1 directory with 7 updates ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-664=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-664=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * himmelblau-sso-2.3.9+git0.a9fd29b-160000.1.1 * libnss_himmelblau2-2.3.9+git0.a9fd29b-160000.1.1 * himmelblau-2.3.9+git0.a9fd29b-160000.1.1 * himmelblau-debuginfo-2.3.9+git0.a9fd29b-160000.1.1 * himmelblau-sso-debuginfo-2.3.9+git0.a9fd29b-160000.1.1 * pam-himmelblau-2.3.9+git0.a9fd29b-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * himmelblau-sshd-config-2.3.9+git0.a9fd29b-160000.1.1 * himmelblau-qr-greeter-2.3.9+git0.a9fd29b-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 x86_64) * himmelblau-sso-2.3.9+git0.a9fd29b-160000.1.1 * libnss_himmelblau2-2.3.9+git0.a9fd29b-160000.1.1 * himmelblau-2.3.9+git0.a9fd29b-160000.1.1 * himmelblau-debuginfo-2.3.9+git0.a9fd29b-160000.1.1 * himmelblau-sso-debuginfo-2.3.9+git0.a9fd29b-160000.1.1 * pam-himmelblau-2.3.9+git0.a9fd29b-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) * himmelblau-sshd-config-2.3.9+git0.a9fd29b-160000.1.1 * himmelblau-qr-greeter-2.3.9+git0.a9fd29b-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-34397.html * https://bugzilla.suse.com/show_bug.cgi?id=1261324 * https://bugzilla.suse.com/show_bug.cgi?id=1261613 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 4 08:36:13 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:36:13 -0000 Subject: SUSE-SU-2026:21436-1: important: Security update for freerdp Message-ID: <177788377342.1375.17322371081137876227@dde0e951fc7e> # Security update for freerdp Announcement ID: SUSE-SU-2026:21436-1 Release Date: 2026-04-30T16:52:03Z Rating: important References: * bsc#1258919 * bsc#1258920 * bsc#1258921 * bsc#1258923 * bsc#1258924 * bsc#1258973 * bsc#1258976 * bsc#1258977 * bsc#1258979 * bsc#1258982 * bsc#1258985 * bsc#1259653 * bsc#1259679 * bsc#1259680 * bsc#1259684 * bsc#1259686 * bsc#1259689 * bsc#1259692 * bsc#1259693 * bsc#1261196 * bsc#1261198 * bsc#1261200 * bsc#1261211 * bsc#1261217 * bsc#1261222 * bsc#1261223 * bsc#1261226 * bsc#1261227 Cross-References: * CVE-2026-25941 * CVE-2026-25942 * CVE-2026-25952 * CVE-2026-25953 * CVE-2026-25954 * CVE-2026-25955 * CVE-2026-25959 * CVE-2026-25997 * CVE-2026-26271 * CVE-2026-26955 * CVE-2026-26965 * CVE-2026-29774 * CVE-2026-29775 * CVE-2026-29776 * CVE-2026-31806 * CVE-2026-31883 * CVE-2026-31884 * CVE-2026-31885 * CVE-2026-31897 * CVE-2026-33952 * CVE-2026-33977 * CVE-2026-33982 * CVE-2026-33983 * CVE-2026-33984 * CVE-2026-33985 * CVE-2026-33986 * CVE-2026-33987 * CVE-2026-33995 CVSS scores: * CVE-2026-25941 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-25941 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-25941 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-25941 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-25942 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-25942 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-25942 ( NVD ): 5.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * 
CVE-2026-25942 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25952 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-25952 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-25952 ( NVD ): 5.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-25952 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-25953 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-25953 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-25953 ( NVD ): 5.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-25953 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-25954 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-25954 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-25954 ( NVD ): 5.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-25954 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25955 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-25955 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-25955 ( NVD ): 5.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-25955 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-25959 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-25959 ( SUSE ): 
5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-25959 ( NVD ): 5.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-25959 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-25997 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-25997 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-25997 ( NVD ): 5.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-25997 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-26271 ( NVD ): 5.5 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-26271 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-26955 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-26955 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-26955 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-26965 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-26965 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-26965 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-29774 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-29774 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-29774 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-29774 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-29775 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-29775 ( SUSE ): 3.7 
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-29775 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-29775 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-29776 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-29776 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-29776 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-31806 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31806 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-31806 ( NVD ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-31806 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31883 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-31883 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-31883 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31883 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-31884 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31884 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-31884 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-31884 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-31885 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31885 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L * CVE-2026-31885 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-31885 ( NVD ): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2026-31897 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-31897 ( SUSE ): 3.1 
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-31897 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31897 ( NVD ): 0.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2026-33952 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-33952 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-33952 ( NVD ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-33952 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-33952 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-33977 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-33977 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-33977 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-33977 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-33982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-33982 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-33982 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2026-33983 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-33983 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-33983 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-33984 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-33984 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-33984 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-33985 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * 
CVE-2026-33985 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L * CVE-2026-33985 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L * CVE-2026-33985 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:L * CVE-2026-33986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-33986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-33987 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2026-33987 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H * CVE-2026-33987 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2026-33995 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-33995 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves 28 vulnerabilities can now be installed. ## Description: This update for freerdp fixes the following issues: Update to version 3.24.2. Security issues fixed: * CVE-2026-25941: out-of-bounds read in the FreeRDP client RDPGFX channel (bsc#1258919). * CVE-2026-25942: buffer overflow of global array in `xf_rail_server_execute_result` (bsc#1258920). * CVE-2026-25952: heap use-after-free in `xf_SetWindowMinMaxInfo` (bsc#1258921). * CVE-2026-25953: heap use-after-free in `xf_AppUpdateWindowFromSurface` (bsc#1258923). * CVE-2026-25954: heap use-after-free in `xf_rail_server_local_move_size` (bsc#1258924). * CVE-2026-25955: heap use-after-free in `xf_AppUpdateWindowFromSurface` (bsc#1258973). * CVE-2026-25959: heap use-after-free in `xf_cliprdr_provide_data_` (bsc#1258976). * CVE-2026-25997: heap use-after-free in `xf_clipboard_format_equal` (bsc#1258977). * CVE-2026-26271: buffer overread in FreeRDP icon processing (bsc#1258979). * CVE-2026-26955: out-of-bounds write in FreeRDP clients using the GDI surface pipeline (bsc#1258982). 
* CVE-2026-26965: out-of-bounds write in FreeRDP client RLE planar decode path (bsc#1258985). * CVE-2026-29774: heap buffer overflow in the FreeRDP client's AVC420/AVC444 YUV-to-RGB conversion path (bsc#1259689). * CVE-2026-29775: out-of-bounds access in the FreeRDP client bitmap cache subsystem (bsc#1259684). * CVE-2026-29776: integer underflow in `update_read_cache_bitmap_order` (bsc#1259692). * CVE-2026-31806: heap buffer overflow in `nsc_process_message` (bsc#1259653). * CVE-2026-31883: heap buffer overwrite due to a `size_t` underflow in the IMA-ADPCM and MS-ADPCM audio decoders (bsc#1259679). * CVE-2026-31884: division by zero in MS-ADPCM and IMA-ADPCM decoders (bsc#1259680). * CVE-2026-31885: out-of-bounds read in MS-ADPCM and IMA-ADPCM decoders (bsc#1259686). * CVE-2026-31897: out-of-bounds read in `freerdp_bitmap_decompress_planar` (bsc#1259693). * CVE-2026-33952: client-side crash due to `WINPR_ASSERT()` failure in `rts_read_auth_verifier_no_checks()` (bsc#1261196). * CVE-2026-33977: client-side crash due to `WINPR_ASSERT()` failure in IMA ADPCM audio decoder (bsc#1261198). * CVE-2026-33982: heap buffer overread in `winpr_aligned_offset_recalloc` (bsc#1261222). * CVE-2026-33983: undefined behavior and resource exhaustion via 80 billion iteration loop in `progressive_decompress_tile_upgrade` (bsc#1261200). * CVE-2026-33984: heap buffer overflow in ClearCodec `resize_vbar_entry` (bsc#1261211). * CVE-2026-33985: heap out-of-bounds read in `clear_decompress_glyph_data` (bsc#1261217). * CVE-2026-33986: heap out-of-bounds write due to H.264 YUV buffer dimension desync (bsc#1261223). * CVE-2026-33987: heap out-of-bounds write due to persistent cache bmpSize desync (bsc#1261226). * CVE-2026-33995: double-free vulnerability in `kerberos_AcceptSecurityContext` and `kerberos_InitializeSecurityContextA` (bsc#1261227). 
Other updates and bugfixes: * Version 3.24.2: * [channels,video] fix wrong cast (#12511) * [codec,openh264] reject encoder ABI mismatch on runtime-loaded library (#12510) * [client,sdl] create a copy of rdpPointer (#12512) * [codec,video] properly pass intermediate format (#12518) * [utils, signal] lazily initialize Windows CRITICAL_SECTION to match POSIX static mutex behavior (#12520) * winpr: improve libunwind backtraces (#12530) * [server,shadow] remember selected caps (#12528) * Zero credential data before free in NLA and NTLM context (#12532) * [server,proxy] ignore missing client in input channel (#12536) * [server,proxy] ignore rdpdr messages (#12537) * [winpr,sspi] improve kerberos logging (#12538) * Codec fixes (#12542) * Version 3.24.1: * [warnings] fix various sign and cast warnings (#12480) * [client,x11] start with xfc->remote_app = TRUE; (#12491) * Sam file read regression fix (#12484) * [ncrypt,smartcardlogon] support ECC keys in PKCS#11 smartcard enumeration (#12490) * Fix: memory leak in rdp_client_establish_keys() (#12494) * Fix memory leak in freerdp_settings_int_buffer_copy() on error paths (libfreerdp/core/settings.c) (#12486) * Code Cleanups (#12493) * Fix: memory leak in PCSC_SCardListReadersW() (#12495) * [channels,telemetry] use dynamic logging (#12496) * [channel,gfx] use generic plugin log (@12498, #12499) * [channels,audin] set error when audio_format_read fails (#12500) * [channels,video] unify error handling (#12502) * Fastpath fine grained lock (#12503) * [core,update] make the PlaySound callback non-mandatory (#12504) * Refinements: RPM build updates, FIPS improvements (#12506) * Version 3.24.0: * Completed the [[nodiscard]] marking of the API to warn about problematic unchecked use of functions * Added full C23 support (default stays at C11) to allow new compilers to do stricter checking * Improved X11 and SDL3 clients * Improved smartcard support * proxy now supports RFX graphics mode * Attribute nodiscard related changes (#12325, 
#12360, #12395, #12406, #12421, #12426, #12177, #12403, #12405, #12407, #12409, #12408, #12412, #12413) * c23 related improvements (#12368, #12371, #12379, #12381, #12383, #12385, #12386, #12387, #12384) * Generic code cleanups (#12382, #12439, #12455, #12462, #12399, #12473) [core,utils] ignore NULL values in remove_rdpdr_type (#12372) * [codec,fdk] revert use of WinPR types (#12373) * [core,gateway] ignore incomplete rpc header (#12375, #12376) * [warnings] make function declaration names consistent (#12377) * [libfreerdp] Add new define for logon error info (#12380) * [client,x11] improve rails window locking (#12392) * Reload fix missing null checks (#12396) * Bounds checks (#12400) * [server,proxy] check for nullptr before using scard_call_context (#12404) * [uwac] fix rectangular glitch around surface damage regions (#12410) * Address various error handling inconsistencies (#12411) * [core,server] Improve WTS API locking (#12414) * Address some GCC compile issues (#12415, #12420) * Winpr atexit (#12416) * [winpr,smartcard] fix function pointer casts (#12422) * Xf timer fix (#12423) * [client,sdl] workaround for wlroots compositors (#12425) * [client,sdl] fix SdlWindow::query (#12378) * [winpr,smartcard] fix PCSC_ReleaseCardContext (#12427) * [client,x11] eliminate obsolete compile flags (#12428) * [client,common] skip sending input events when not connected (#12429) * Input connected checks (#12430) * Floatbar and display channel improvements (#12431) * [winpr,platform] fix WINPR_ATTR_NODISCARD definition (#12432) * [client] Fix writing of gatewayusagemethod to .rdp files (#12433) * Nodiscard finetune (#12435) * [core] fix missing gateway credential sync (#12436) * [client,sdl3] limit FREERDP_WLROOTS_HACK (#12441) * [core,settings] Allow FreeRDP_instance in setter (#12442) * [codec,h264] make log message trace (#12444) * X11 rails improve (#12440) * [codec,nsc] limit copy area in nsc_process_message (#12448) * Proxy support RFX and NSC settings (#12449) * 
[client,common] display a shortened help on parsing issues (#12450) * [winpr,smartcard] refine locking for pcsc layer (#12451) * [codec,swscale] allow runtime loading of swscale (#12452) * Swscale fallback (#12454) * Sdl multi scaling support (#12456) * [packaging,flatpak] update runtime and dependencies (#12457) * [codec,video] add doxygen version details (#12458) * [github,templates] update templates (#12460) * [client,sdl] allow FREERDP_WLROOTS_HACK for all sessions (#12461) * [warnings,nodiscard] add log messages for failures (#12463) * [gdi,gdi] ignore empty rectangles (#12467) * Smartcard fix smartcard-login, pass rdpContext for abort (#12466) * [winpr,smartcard] fix compiler warnings (#12469) * [winpr,timezone] fix search for transition dates (#12468) * [client,common] improve /p help (#12471) * Scard logging refactored (#12472) * [emu,scard] fix smartcard emulation (#12475) * Sdl null cursor (#12474) * Version 3.23.0: * Sdl cleanup (#12202) * [client,sdl] do not apply window offset (#12205) * [client,sdl] add SDL_Error to exceptions (#12214) * Rdp monitor log (#12215) * [winpr,smartcard] implement some attributes (#12213) * [client,windows] Fix return value checks for mouse event functions (#12279) * [channels,rdpecam] fix sws context checks (#12272) * [client,windows] Enhance error handling and context validation (#12264) * [client,windows] Add window handle validation in RDP_EVENT_TYPE_WINDOW_NEW (#12261) * [client,sdl] fix multimon/fullscreen on wayland (#12248) * Vendor by app (#12207) * [core,gateway] relax TSG parsing (#12283) * [winpr,smartcard] simplify PCSC_ReadDeviceSystemName (#12273) * [client,windows] Implement complete keyboard indicator synchronization (#12268) * Fixes more more more (#12286) * Use application details for names (#12285) * warning cleanups (#12289) * Warning cleanup (#12291) * [client,windows] Enhance memory safety with NULL checks and resource protection (#12271) * [client,x11] apply /size:xx% only once (#12293) * Freerdp 
config test (#12295) * [winpr,smartcard] fix returned attribute length (#12296) * [client,SDL3] Fix properly handle smart-sizing with fullscreen (#12298) * [core,test] fix use after free (#12299) * Sign warnings (#12300) * [cmake,compiler] disable -Wjump-misses-init (#12301) * [codec,color] fix input length checks (#12302) * [client,sdl] improve cursor updates, fix surface sizes (#12303) * Sdl fullscreen (#12217) * [client,sdl] fix move constructor of SdlWindow (#12305) * [utils,smartcard] check stream length on padding (#12306) * [android] Fix invert scrolling default value mismatch (#12309) * Clear fix bounds checks (#12310) * Winpr attr nodiscard fkt ptr (#12311) * [codec,planar] fix missing destination bounds checks (#12312) * [codec,clear] fix destination checks (#12315) * NSC Codec fixes (#12317) * Freerdp api nodiscard (#12313) * [allocations] fix growth of preallocated buffers (#12319) * Rdpdr simplify (#12320) * Resource fix (#12323) * [winpr,utils] ensure message queue capacity (#12322) * [server,shadow] fix return and parameter checks (#12330) * Shadow fixes (#12331) * [rdtk,nodiscard] mark rdtk API nodiscard (#12329) * [client,x11] fix XGetWindowProperty return handling (#12334) * Win32 signal (#12335) * [channel,usb] fix message parsing and creation (#12336) * [cmake] Define WINPR_DEFINE_ATTR_NODISCARD (#12338) * Proxy config fix (#12345) * [codec,progressive] refine progressive decoding (#12347) * [client,sdl] fix sdl_Pointer_New (#12350) * [core,gateway] parse [MS-TSGU] 2.2.10.5 HTTP_CHANNEL_RESPONSE_OPTIONAL (#12353) * X11 kbd sym (#12354) * Windows compile warning fixes (#12357,#12358,#12359) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-663=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-663=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * freerdp-debuginfo-3.24.2-160000.1.1 * libuwac0-0-debuginfo-3.24.2-160000.1.1 * freerdp-server-3.24.2-160000.1.1 * libwinpr3-3-debuginfo-3.24.2-160000.1.1 * freerdp-server-debuginfo-3.24.2-160000.1.1 * freerdp-proxy-plugins-3.24.2-160000.1.1 * freerdp-wayland-3.24.2-160000.1.1 * libfreerdp-server-proxy3-3-3.24.2-160000.1.1 * winpr-devel-3.24.2-160000.1.1 * freerdp-proxy-plugins-debuginfo-3.24.2-160000.1.1 * freerdp-3.24.2-160000.1.1 * freerdp-proxy-debuginfo-3.24.2-160000.1.1 * freerdp-wayland-debuginfo-3.24.2-160000.1.1 * freerdp-sdl-3.24.2-160000.1.1 * freerdp-devel-3.24.2-160000.1.1 * libfreerdp3-3-debuginfo-3.24.2-160000.1.1 * librdtk0-0-3.24.2-160000.1.1 * librdtk0-0-debuginfo-3.24.2-160000.1.1 * libfreerdp-server-proxy3-3-debuginfo-3.24.2-160000.1.1 * freerdp-sdl-debuginfo-3.24.2-160000.1.1 * libuwac0-0-3.24.2-160000.1.1 * libfreerdp3-3-3.24.2-160000.1.1 * libwinpr3-3-3.24.2-160000.1.1 * freerdp-proxy-3.24.2-160000.1.1 * freerdp-debugsource-3.24.2-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * freerdp-debuginfo-3.24.2-160000.1.1 * libuwac0-0-debuginfo-3.24.2-160000.1.1 * freerdp-server-3.24.2-160000.1.1 * libwinpr3-3-debuginfo-3.24.2-160000.1.1 * freerdp-server-debuginfo-3.24.2-160000.1.1 * freerdp-proxy-plugins-3.24.2-160000.1.1 * freerdp-wayland-3.24.2-160000.1.1 * libfreerdp-server-proxy3-3-3.24.2-160000.1.1 * winpr-devel-3.24.2-160000.1.1 * freerdp-proxy-plugins-debuginfo-3.24.2-160000.1.1 * freerdp-3.24.2-160000.1.1 * freerdp-proxy-debuginfo-3.24.2-160000.1.1 * freerdp-wayland-debuginfo-3.24.2-160000.1.1 * freerdp-sdl-3.24.2-160000.1.1 * freerdp-devel-3.24.2-160000.1.1 * 
libfreerdp3-3-debuginfo-3.24.2-160000.1.1 * librdtk0-0-3.24.2-160000.1.1 * librdtk0-0-debuginfo-3.24.2-160000.1.1 * libfreerdp-server-proxy3-3-debuginfo-3.24.2-160000.1.1 * freerdp-sdl-debuginfo-3.24.2-160000.1.1 * libuwac0-0-3.24.2-160000.1.1 * libfreerdp3-3-3.24.2-160000.1.1 * libwinpr3-3-3.24.2-160000.1.1 * freerdp-proxy-3.24.2-160000.1.1 * freerdp-debugsource-3.24.2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25941.html * https://www.suse.com/security/cve/CVE-2026-25942.html * https://www.suse.com/security/cve/CVE-2026-25952.html * https://www.suse.com/security/cve/CVE-2026-25953.html * https://www.suse.com/security/cve/CVE-2026-25954.html * https://www.suse.com/security/cve/CVE-2026-25955.html * https://www.suse.com/security/cve/CVE-2026-25959.html * https://www.suse.com/security/cve/CVE-2026-25997.html * https://www.suse.com/security/cve/CVE-2026-26271.html * https://www.suse.com/security/cve/CVE-2026-26955.html * https://www.suse.com/security/cve/CVE-2026-26965.html * https://www.suse.com/security/cve/CVE-2026-29774.html * https://www.suse.com/security/cve/CVE-2026-29775.html * https://www.suse.com/security/cve/CVE-2026-29776.html * https://www.suse.com/security/cve/CVE-2026-31806.html * https://www.suse.com/security/cve/CVE-2026-31883.html * https://www.suse.com/security/cve/CVE-2026-31884.html * https://www.suse.com/security/cve/CVE-2026-31885.html * https://www.suse.com/security/cve/CVE-2026-31897.html * https://www.suse.com/security/cve/CVE-2026-33952.html * https://www.suse.com/security/cve/CVE-2026-33977.html * https://www.suse.com/security/cve/CVE-2026-33982.html * https://www.suse.com/security/cve/CVE-2026-33983.html * https://www.suse.com/security/cve/CVE-2026-33984.html * https://www.suse.com/security/cve/CVE-2026-33985.html * https://www.suse.com/security/cve/CVE-2026-33986.html * https://www.suse.com/security/cve/CVE-2026-33987.html * https://www.suse.com/security/cve/CVE-2026-33995.html * 
https://bugzilla.suse.com/show_bug.cgi?id=1258919 * https://bugzilla.suse.com/show_bug.cgi?id=1258920 * https://bugzilla.suse.com/show_bug.cgi?id=1258921 * https://bugzilla.suse.com/show_bug.cgi?id=1258923 * https://bugzilla.suse.com/show_bug.cgi?id=1258924 * https://bugzilla.suse.com/show_bug.cgi?id=1258973 * https://bugzilla.suse.com/show_bug.cgi?id=1258976 * https://bugzilla.suse.com/show_bug.cgi?id=1258977 * https://bugzilla.suse.com/show_bug.cgi?id=1258979 * https://bugzilla.suse.com/show_bug.cgi?id=1258982 * https://bugzilla.suse.com/show_bug.cgi?id=1258985 * https://bugzilla.suse.com/show_bug.cgi?id=1259653 * https://bugzilla.suse.com/show_bug.cgi?id=1259679 * https://bugzilla.suse.com/show_bug.cgi?id=1259680 * https://bugzilla.suse.com/show_bug.cgi?id=1259684 * https://bugzilla.suse.com/show_bug.cgi?id=1259686 * https://bugzilla.suse.com/show_bug.cgi?id=1259689 * https://bugzilla.suse.com/show_bug.cgi?id=1259692 * https://bugzilla.suse.com/show_bug.cgi?id=1259693 * https://bugzilla.suse.com/show_bug.cgi?id=1261196 * https://bugzilla.suse.com/show_bug.cgi?id=1261198 * https://bugzilla.suse.com/show_bug.cgi?id=1261200 * https://bugzilla.suse.com/show_bug.cgi?id=1261211 * https://bugzilla.suse.com/show_bug.cgi?id=1261217 * https://bugzilla.suse.com/show_bug.cgi?id=1261222 * https://bugzilla.suse.com/show_bug.cgi?id=1261223 * https://bugzilla.suse.com/show_bug.cgi?id=1261226 * https://bugzilla.suse.com/show_bug.cgi?id=1261227
From null at suse.de Mon May 4 08:36:15 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:36:15 -0000 Subject: SUSE-RU-2026:21435-1: moderate: Recommended update for sysctl-logger Message-ID: <177788377509.1375.9000311990072999979@dde0e951fc7e> # Recommended update for sysctl-logger Announcement ID: SUSE-RU-2026:21435-1 Release Date: 2026-04-30T15:39:04Z Rating: moderate References: Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that can now be installed. ## Description: This update for sysctl-logger fixes the following issues: * Update to v0.0.7: * Add systemd hardenings * Make output directory visible * Specify LLVM version to use for SLES 15 SP7 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-662=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-662=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * sysctl-logger-0.0.7-160000.1.1 * sysctl-logger-debugsource-0.0.7-160000.1.1 * sysctl-logger-debuginfo-0.0.7-160000.1.1 * SUSE Linux Enterprise Server 16.0 (ppc64le x86_64) * sysctl-logger-0.0.7-160000.1.1 * sysctl-logger-debugsource-0.0.7-160000.1.1 * sysctl-logger-debuginfo-0.0.7-160000.1.1
From null at suse.de Mon May 4 08:36:19 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:36:19 -0000 Subject: SUSE-SU-2026:21434-1: moderate: Security update for helm Message-ID: <177788377942.1375.4314389763561262359@dde0e951fc7e> # Security update for helm Announcement ID: SUSE-SU-2026:21434-1 Release Date: 2026-04-30T13:26:15Z Rating: moderate References: * bsc#1248093 * bsc#1261938 Cross-References: * CVE-2025-55199 * CVE-2026-35206 CVSS scores: * CVE-2025-55199 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-55199 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-55199 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-35206 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-35206 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2026-35206 ( NVD ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-35206 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for helm fixes the following issues: Update to version 3.20.2. Security issues fixed: * CVE-2025-55199: specially crafted JSON Schema can lead to out of memory (OOM) termination (bsc#1248093). * CVE-2026-35206: specially crafted Chart will have contents extracted to immediate output directory rather than to expected output directory suffixed by the Chart's name (bsc#1261938). 
Other updates and bugfixes: * Version 3.20.1: * chore(deps): bump the k8s-io group with 7 updates a2369ca (dependabot[bot]) * add image index test 90e1056 (Pedro T?rres) * fix pulling charts from OCI indices 911f2e9 (Pedro T?rres) * Remove refactorring changes from coalesce_test.go 76dad33 (Evans Mungai) * Fix import 45c12f7 (Evans Mungai) * Update pkg/chart/common/util/coalesce_test.go 26c6f19 (Evans Mungai) * Fix lint warning 09f5129 (Evans Mungai) * Preserve nil values in chart already 417deb2 (Evans Mungai) * fix(values): preserve nil values when chart default is empty map 5417bfa (Evans Mungai) * Version 3.20.0: * SDK: bump k8s API versions to v0.35.0 * v3 backport: Fixed a bug where helm uninstall with --keep-history did not suspend previous deployed releases #12564 * v3 backport: Bump Go version to v1.25 * bump version to v3.20 * chore(deps): bump golang.org/x/text from 0.32.0 to 0.33.0 * chore(deps): bump golang.org/x/term from 0.38.0 to 0.39.0 * chore(deps): bump github.com/foxcpp/go-mockdns from 1.1.0 to 1.2.0 * chore(deps): bump the k8s-io group with 7 updates * [dev-v3] Replace deprecated `NewSimpleClientset` * [dev-v3] Bump Go v1.25, `golangci-lint` v2 * chore(deps): bump github.com/BurntSushi/toml from 1.5.0 to 1.6.0 * chore(deps): bump github.com/containerd/containerd from 1.7.29 to 1.7.30 * fix(rollback): `errors.Is` instead of string comp * fix(uninstall): supersede deployed releases * Use latest patch release of Go in releases * chore(deps): bump golang.org/x/crypto from 0.45.0 to 0.46.0 * chore(deps): bump golang.org/x/text from 0.31.0 to 0.32.0 * chore(deps): bump golang.org/x/term from 0.37.0 to 0.38.0 * chore(deps): bump github.com/spf13/cobra from 1.10.1 to 1.10.2 * chore(deps): bump github.com/rubenv/sql-migrate from 1.8.0 to 1.8.1 * chore(deps): bump golang.org/x/crypto from 0.44.0 to 0.45.0 * chore(deps): bump github.com/cyphar/filepath-securejoin * chore(deps): bump golang.org/x/text from 0.30.0 to 0.31.0 * chore(deps): bump 
golang.org/x/crypto from 0.43.0 to 0.44.0 * Remove dev-v3 `helm-latest-version` publish * chore(deps): bump golang.org/x/term from 0.36.0 to 0.37.0 1.7.28 to 1.7.29 * Revert "pkg/registry: Login option for passing TLS config in memory" * jsonschema: warn and ignore unresolved URN $ref to match v3.18.4 * Fix `helm pull` untar dir check with repo urls * chore(deps): bump golang.org/x/crypto from 0.42.0 to 0.43.0 * chore(deps): bump github.com/gofrs/flock from 0.12.1 to 0.13.0 * chore(deps): bump golang.org/x/text from 0.29.0 to 0.30.0 * [backport] fix: get-helm-3 script use helm3-latest-version * pkg/registry: Login option for passing TLS config in memory * Fix deprecation warning * chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.42.0 * chore(deps): bump golang.org/x/term from 0.34.0 to 0.35.0 * Avoid "panic: interface conversion: interface {} is nil" * bump version to v3.19.0 * chore(deps): bump github.com/spf13/pflag from 1.0.7 to 1.0.10 * fix: set repo authorizer in registry.Client.Resolve() * fix null merge * Add timeout flag to repo add and update flags * Version 3.19.5: * Fixed bug where removing subchart value via override resulted in warning #31118 * Fixed bug where helm uninstall with --keep-history did not suspend previous deployed releases #12556 * fix(rollback): errors.Is instead of string comp 4a19a5b (Hidde Beydals) * fix(uninstall): supersede deployed releases 7a00235 (Hidde Beydals) * fix null merge 578564e (Ben Foster) * Version 3.19.4: * Use latest patch release of Go in releases 7cfb6e4 (Matt Farina) * chore(deps): bump github.com/gofrs/flock from 0.12.1 to 0.13.0 59c951f (dependabot[bot]) * chore(deps): bump github.com/cyphar/filepath-securejoin d45f3f1 * chore(deps): bump golang.org/x/crypto from 0.44.0 to 0.45.0 d459544 (dependabot[bot]) * chore(deps): bump golang.org/x/term from 0.36.0 to 0.37.0 becd387 (dependabot[bot]) * chore(deps): bump the k8s-io group with 7 updates edb1579 * Version 3.19.3: * Bump golang.org/x/crypto to v0.45.0 * 
Version 3.19.2: * [backport] fix: get-helm-3 script use helm3-latest-version 8766e71 (George Jenkins) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-661=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-661=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * helm-3.20.2-160000.1.1 * helm-debuginfo-3.20.2-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * helm-fish-completion-3.20.2-160000.1.1 * helm-bash-completion-3.20.2-160000.1.1 * helm-zsh-completion-3.20.2-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * helm-3.20.2-160000.1.1 * helm-debuginfo-3.20.2-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) * helm-fish-completion-3.20.2-160000.1.1 * helm-bash-completion-3.20.2-160000.1.1 * helm-zsh-completion-3.20.2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-55199.html * https://www.suse.com/security/cve/CVE-2026-35206.html * https://bugzilla.suse.com/show_bug.cgi?id=1248093 * https://bugzilla.suse.com/show_bug.cgi?id=1261938
From null at suse.de Mon May 4 08:36:25 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:36:25 -0000 Subject: SUSE-SU-2026:21433-1: important: Security update for openexr Message-ID: <177788378568.1375.16569597673290657574@dde0e951fc7e> # Security update for openexr Announcement ID: SUSE-SU-2026:21433-1 Release Date: 2026-04-29T14:36:18Z Rating: important References: * bsc#1262425 * bsc#1262426 Cross-References: * CVE-2026-40244 * CVE-2026-40250 CVSS scores: * CVE-2026-40244 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-40244 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40244 ( NVD ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-40244 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H * CVE-2026-40250 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-40250 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40250 ( NVD ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-40250 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for openexr fixes the following issues: * CVE-2026-40244: integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (bsc#1262426). * CVE-2026-40250: integer overflow in DWA decoder outBufferEnd pointer arithmetic (bsc#1262425). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-660=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-660=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * libIex-3_2-31-debuginfo-3.2.2-160000.7.1 * libOpenEXR-3_2-31-debuginfo-3.2.2-160000.7.1 * openexr-3.2.2-160000.7.1 * libOpenEXRCore-3_2-31-debuginfo-3.2.2-160000.7.1 * openexr-debugsource-3.2.2-160000.7.1 * libIlmThread-3_2-31-debuginfo-3.2.2-160000.7.1 * libOpenEXRUtil-3_2-31-3.2.2-160000.7.1 * libOpenEXR-3_2-31-3.2.2-160000.7.1 * libIlmThread-3_2-31-3.2.2-160000.7.1 * libOpenEXRUtil-3_2-31-debuginfo-3.2.2-160000.7.1 * openexr-debuginfo-3.2.2-160000.7.1 * libIex-3_2-31-3.2.2-160000.7.1 * libOpenEXRCore-3_2-31-3.2.2-160000.7.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * libOpenEXRUtil-3_2-31-x86-64-v3-3.2.2-160000.7.1 * libOpenEXR-3_2-31-x86-64-v3-3.2.2-160000.7.1 * libIlmThread-3_2-31-x86-64-v3-3.2.2-160000.7.1 * libIex-3_2-31-x86-64-v3-debuginfo-3.2.2-160000.7.1 * libOpenEXRCore-3_2-31-x86-64-v3-debuginfo-3.2.2-160000.7.1 * libIex-3_2-31-x86-64-v3-3.2.2-160000.7.1 * libOpenEXR-3_2-31-x86-64-v3-debuginfo-3.2.2-160000.7.1 * libOpenEXRUtil-3_2-31-x86-64-v3-debuginfo-3.2.2-160000.7.1 * libOpenEXRCore-3_2-31-x86-64-v3-3.2.2-160000.7.1 * libIlmThread-3_2-31-x86-64-v3-debuginfo-3.2.2-160000.7.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * openexr-doc-3.2.2-160000.7.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libIex-3_2-31-debuginfo-3.2.2-160000.7.1 * libOpenEXR-3_2-31-debuginfo-3.2.2-160000.7.1 * openexr-3.2.2-160000.7.1 * libOpenEXRCore-3_2-31-debuginfo-3.2.2-160000.7.1 * openexr-debugsource-3.2.2-160000.7.1 * libIlmThread-3_2-31-debuginfo-3.2.2-160000.7.1 * libOpenEXRUtil-3_2-31-3.2.2-160000.7.1 * libOpenEXR-3_2-31-3.2.2-160000.7.1 * libIlmThread-3_2-31-3.2.2-160000.7.1 * 
libOpenEXRUtil-3_2-31-debuginfo-3.2.2-160000.7.1 * openexr-debuginfo-3.2.2-160000.7.1 * libIex-3_2-31-3.2.2-160000.7.1 * libOpenEXRCore-3_2-31-3.2.2-160000.7.1 * SUSE Linux Enterprise Server 16.0 (noarch) * openexr-doc-3.2.2-160000.7.1 * SUSE Linux Enterprise Server 16.0 (x86_64) * libOpenEXRUtil-3_2-31-x86-64-v3-3.2.2-160000.7.1 * libOpenEXR-3_2-31-x86-64-v3-3.2.2-160000.7.1 * libIlmThread-3_2-31-x86-64-v3-3.2.2-160000.7.1 * libIex-3_2-31-x86-64-v3-debuginfo-3.2.2-160000.7.1 * libOpenEXRCore-3_2-31-x86-64-v3-debuginfo-3.2.2-160000.7.1 * libIex-3_2-31-x86-64-v3-3.2.2-160000.7.1 * libOpenEXR-3_2-31-x86-64-v3-debuginfo-3.2.2-160000.7.1 * libOpenEXRUtil-3_2-31-x86-64-v3-debuginfo-3.2.2-160000.7.1 * libOpenEXRCore-3_2-31-x86-64-v3-3.2.2-160000.7.1 * libIlmThread-3_2-31-x86-64-v3-debuginfo-3.2.2-160000.7.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40244.html * https://www.suse.com/security/cve/CVE-2026-40250.html * https://bugzilla.suse.com/show_bug.cgi?id=1262425 * https://bugzilla.suse.com/show_bug.cgi?id=1262426
URL: From null at suse.de Mon May 4 08:36:28 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:36:28 -0000 Subject: SUSE-SU-2026:21432-1: important: Security update for ntfs-3g_ntfsprogs Message-ID: <177788378874.1375.7528699985672486040@dde0e951fc7e> # Security update for ntfs-3g_ntfsprogs Announcement ID: SUSE-SU-2026:21432-1 Release Date: 2026-04-29T14:18:47Z Rating: important References: * bsc#1262216 Cross-References: * CVE-2026-40706 CVSS scores: * CVE-2026-40706 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-40706 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40706 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for ntfs-3g_ntfsprogs fixes the following issue: * CVE-2026-40706: heap buffer overflow in ntfs_build_permissions_posix() in acls.c (bsc#1262216). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-659=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-659=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * ntfsprogs-extra-debuginfo-2022.10.3-160000.3.1 * ntfsprogs-debuginfo-2022.10.3-160000.3.1 * ntfs-3g-debuginfo-2022.10.3-160000.3.1 * libntfs-3g89-2022.10.3-160000.3.1 * ntfs-3g_ntfsprogs-debuginfo-2022.10.3-160000.3.1 * libntfs-3g89-debuginfo-2022.10.3-160000.3.1 * ntfsprogs-extra-2022.10.3-160000.3.1 * ntfs-3g_ntfsprogs-debugsource-2022.10.3-160000.3.1 * ntfsprogs-2022.10.3-160000.3.1 * ntfs-3g-2022.10.3-160000.3.1 * libntfs-3g-devel-2022.10.3-160000.3.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * ntfsprogs-extra-debuginfo-2022.10.3-160000.3.1 * ntfsprogs-debuginfo-2022.10.3-160000.3.1 * ntfs-3g-debuginfo-2022.10.3-160000.3.1 * libntfs-3g89-2022.10.3-160000.3.1 * ntfs-3g_ntfsprogs-debuginfo-2022.10.3-160000.3.1 * libntfs-3g89-debuginfo-2022.10.3-160000.3.1 * ntfsprogs-extra-2022.10.3-160000.3.1 * ntfs-3g_ntfsprogs-debugsource-2022.10.3-160000.3.1 * ntfsprogs-2022.10.3-160000.3.1 * ntfs-3g-2022.10.3-160000.3.1 * libntfs-3g-devel-2022.10.3-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40706.html * https://bugzilla.suse.com/show_bug.cgi?id=1262216 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 4 08:36:35 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:36:35 -0000 Subject: SUSE-SU-2026:21431-1: moderate: Security update for python-PyNaCl Message-ID: <177788379531.1375.16121008761812239812@dde0e951fc7e> # Security update for python-PyNaCl Announcement ID: SUSE-SU-2026:21431-1 Release Date: 2026-04-29T14:15:43Z Rating: moderate References: * bsc#1161557 * bsc#1199282 * bsc#1255764 * jsc#SLE-24629 Cross-References: * CVE-2025-69277 CVSS scores: * CVE-2025-69277 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-69277 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2025-69277 ( NVD ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability, contains one feature and has two fixes can now be installed. ## Description: This update for python-PyNaCl fixes the following issues: Security fixes: * CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point function (bsc#1255764). Other fixes: * update to 1.6.2 (bsc#1255764, CVE-2025-69277): * Updated libsodium to 1.0.20-stable (2025-12-31 build) * Update to 1.6.1 * The `MAKE` environment variable can now be used to specify the `make` binary that should be used in the build process. * update to 1.6.0: * BACKWARDS INCOMPATIBLE: Removed support for Python 3.6 and 3.7. * Added support for the low level AEAD AES bindings. * Added support for crypto_core_ed25519_from_uniform. * Update libsodium to 1.0.20-stable (2025-08-27 build). * Added support for free-threaded Python 3.14. * Added support for Windows on ARM wheels. 
* Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629) * python-PyNaCl requires python-cffi [bsc#1161557] ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-658=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-658=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * python313-PyNaCl-debuginfo-1.6.2-160000.1.1 * python-PyNaCl-debugsource-1.6.2-160000.1.1 * python313-PyNaCl-1.6.2-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * python313-PyNaCl-debuginfo-1.6.2-160000.1.1 * python-PyNaCl-debugsource-1.6.2-160000.1.1 * python313-PyNaCl-1.6.2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-69277.html * https://bugzilla.suse.com/show_bug.cgi?id=1161557 * https://bugzilla.suse.com/show_bug.cgi?id=1199282 * https://bugzilla.suse.com/show_bug.cgi?id=1255764 * https://jira.suse.com/browse/SLE-24629 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 4 08:36:39 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:36:39 -0000 Subject: SUSE-RU-2026:21430-1: moderate: Recommended update for python-urllib3 Message-ID: <177788379926.1375.6623384318980363976@dde0e951fc7e> # Recommended update for python-urllib3 Announcement ID: SUSE-RU-2026:21430-1 Release Date: 2026-04-29T14:14:09Z Rating: moderate References: * bsc#1254867 Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that has one fix can now be installed. 
## Description: This update for python-urllib3 fixes the following issue: * Fix regression in CVE-2025-66471.patch (bsc#1254867) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-657=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-657=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-urllib3-2.5.0-160000.5.1 * SUSE Linux Enterprise Server 16.0 (noarch) * python313-urllib3-2.5.0-160000.5.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1254867 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 4 08:36:43 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:36:43 -0000 Subject: SUSE-RU-2026:21429-1: important: Recommended update for crmsh Message-ID: <177788380389.1375.14754520296749718785@dde0e951fc7e> # Recommended update for crmsh Announcement ID: SUSE-RU-2026:21429-1 Release Date: 2026-04-29T12:59:02Z Rating: important References: * bsc#1254243 * bsc#1262094 Affected Products: * SUSE Linux Enterprise Server for SAP applications 16.0 An update that has two fixes can now be installed. ## Description: This update for crmsh fixes the following issues: * Update to version 5.0.0+20260420.f7e8ecad: * Dev: utils: Improve check_port_open to concurrently try all addresses (bsc#1262094) * Dev: qdevice: Remove unused codes * Fix: bootstrap: On join node, retrieve qdevice certification files before starting qdevice (bsc#1254243) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-656=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * crmsh-5.0.0+20260420.f7e8ecad-160000.1.1 * crmsh-scripts-5.0.0+20260420.f7e8ecad-160000.1.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1254243 * https://bugzilla.suse.com/show_bug.cgi?id=1262094 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 4 08:36:58 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:36:58 -0000 Subject: SUSE-SU-2026:21428-1: moderate: Security update for libssh Message-ID: <177788381865.1375.15833204584100656851@dde0e951fc7e> # Security update for libssh Announcement ID: SUSE-SU-2026:21428-1 Release Date: 2026-04-29T11:06:27Z Rating: moderate References: * bsc#1246974 * bsc#1249375 * bsc#1258045 * bsc#1258049 * bsc#1258054 * bsc#1258080 * bsc#1258081 Cross-References: * CVE-2025-8114 * CVE-2025-8277 * CVE-2026-0964 * CVE-2026-0965 * CVE-2026-0966 * CVE-2026-0967 * CVE-2026-0968 CVSS scores: * CVE-2025-8114 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-8114 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-8114 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-8114 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-8277 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-8277 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-0964 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-0964 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-0964 ( NVD ): 5.0 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-0965 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-0965 ( NVD ): 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 
* CVE-2026-0966 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-0966 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-0966 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-0967 ( SUSE ): 1.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-0967 ( SUSE ): 2.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2026-0967 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-0967 ( NVD ): 2.2 CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2026-0968 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-0968 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L * CVE-2026-0968 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-0968 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-0968 ( NVD ): 3.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves seven vulnerabilities can now be installed. ## Description: This update for libssh fixes the following issues: * Update to version 0.11.4: * CVE-2026-0964: SCP Protocol Path Traversal in ssh_scp_pull_request() (bsc#1258049) * CVE-2026-0965: Possible Denial of Service when parsing unexpected configuration files (bsc#1258045) * CVE-2026-0966: Buffer underflow in ssh_get_hexa() on invalid input (bsc#1258054) * CVE-2026-0967: Specially crafted patterns could cause DoS (bsc#1258081) * CVE-2026-0968: OOB Read in sftp_parse_longname() (bsc#1258080) * CVE-2025-8114: Fix NULL pointer dereference after allocation failure (bsc#1246974) * CVE-2025-8277: Fix memory leak of ephemeral key pair during repeated wrong KEX (bsc#1249375) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-655=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-655=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * libssh-config-0.11.4-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * libssh-devel-0.11.4-160000.1.1 * libssh4-0.11.4-160000.1.1 * libssh4-debuginfo-0.11.4-160000.1.1 * libssh-debugsource-0.11.4-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) * libssh-config-0.11.4-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libssh-devel-0.11.4-160000.1.1 * libssh4-0.11.4-160000.1.1 * libssh4-debuginfo-0.11.4-160000.1.1 * libssh-debugsource-0.11.4-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-8114.html * https://www.suse.com/security/cve/CVE-2025-8277.html * https://www.suse.com/security/cve/CVE-2026-0964.html * https://www.suse.com/security/cve/CVE-2026-0965.html * https://www.suse.com/security/cve/CVE-2026-0966.html * https://www.suse.com/security/cve/CVE-2026-0967.html * https://www.suse.com/security/cve/CVE-2026-0968.html * https://bugzilla.suse.com/show_bug.cgi?id=1246974 * https://bugzilla.suse.com/show_bug.cgi?id=1249375 * https://bugzilla.suse.com/show_bug.cgi?id=1258045 * https://bugzilla.suse.com/show_bug.cgi?id=1258049 * https://bugzilla.suse.com/show_bug.cgi?id=1258054 * https://bugzilla.suse.com/show_bug.cgi?id=1258080 * https://bugzilla.suse.com/show_bug.cgi?id=1258081 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 4 08:37:01 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:37:01 -0000 Subject: SUSE-SU-2026:21427-1: important: Security update for PackageKit Message-ID: <177788382160.1375.10881625073509368550@dde0e951fc7e> # Security update for PackageKit Announcement ID: SUSE-SU-2026:21427-1 Release Date: 2026-04-29T09:44:07Z Rating: important References: * bsc#1262220 Cross-References: * CVE-2026-41651 CVSS scores: * CVE-2026-41651 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-41651 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-41651 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for PackageKit fixes the following issues: * CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE (bsc#1262220). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-654=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-654=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * libpackagekit-glib2-18-1.2.8-160000.4.1 * libpackagekit-glib2-18-debuginfo-1.2.8-160000.4.1 * PackageKit-devel-1.2.8-160000.4.1 * typelib-1_0-PackageKitGlib-1_0-1.2.8-160000.4.1 * PackageKit-devel-debuginfo-1.2.8-160000.4.1 * PackageKit-debuginfo-1.2.8-160000.4.1 * PackageKit-backend-zypp-1.2.8-160000.4.1 * PackageKit-debugsource-1.2.8-160000.4.1 * PackageKit-backend-zypp-debuginfo-1.2.8-160000.4.1 * PackageKit-1.2.8-160000.4.1 * libpackagekit-glib2-devel-1.2.8-160000.4.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * PackageKit-branding-upstream-1.2.8-160000.4.1 * PackageKit-lang-1.2.8-160000.4.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libpackagekit-glib2-18-1.2.8-160000.4.1 * libpackagekit-glib2-18-debuginfo-1.2.8-160000.4.1 * PackageKit-devel-1.2.8-160000.4.1 * typelib-1_0-PackageKitGlib-1_0-1.2.8-160000.4.1 * PackageKit-devel-debuginfo-1.2.8-160000.4.1 * PackageKit-debuginfo-1.2.8-160000.4.1 * PackageKit-backend-zypp-1.2.8-160000.4.1 * PackageKit-debugsource-1.2.8-160000.4.1 * PackageKit-backend-zypp-debuginfo-1.2.8-160000.4.1 * PackageKit-1.2.8-160000.4.1 * libpackagekit-glib2-devel-1.2.8-160000.4.1 * SUSE Linux Enterprise Server 16.0 (noarch) * PackageKit-branding-upstream-1.2.8-160000.4.1 * PackageKit-lang-1.2.8-160000.4.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41651.html * https://bugzilla.suse.com/show_bug.cgi?id=1262220 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 4 08:37:08 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:37:08 -0000 Subject: SUSE-SU-2026:21426-1: important: Security update for python-Mako Message-ID: <177788382833.1375.5741935135070963474@dde0e951fc7e> # Security update for python-Mako Announcement ID: SUSE-SU-2026:21426-1 Release Date: 2026-04-29T08:17:18Z Rating: important References: * bsc#1262716 Cross-References: * CVE-2026-41205 CVSS scores: * CVE-2026-41205 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41205 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-41205 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-41205 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-Mako fixes the following issue: * CVE-2026-41205: Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal (bsc#1262716). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-653=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-653=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-Mako-1.3.10-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * python313-Mako-1.3.10-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41205.html * https://bugzilla.suse.com/show_bug.cgi?id=1262716 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 4 08:37:11 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:37:11 -0000 Subject: SUSE-SU-2026:21425-1: important: Security update for python-jwcrypto Message-ID: <177788383107.1375.4856584765644158037@dde0e951fc7e> # Security update for python-jwcrypto Announcement ID: SUSE-SU-2026:21425-1 Release Date: 2026-04-29T08:15:26Z Rating: important References: * bsc#1261802 Cross-References: * CVE-2026-39373 CVSS scores: * CVE-2026-39373 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-39373 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-39373 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for python-jwcrypto fixes the following issues: * CVE-2026-39373: weak mitigation for JWT bomb attack in the `deserialize` function can lead to memory exhaustion via crafted compressed JWE tokens (bsc#1261802). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-652=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-652=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-jwcrypto-1.5.6-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * python313-jwcrypto-1.5.6-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-39373.html * https://bugzilla.suse.com/show_bug.cgi?id=1261802 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 4 08:37:14 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:37:14 -0000 Subject: SUSE-SU-2026:21424-1: important: Security update for glibc-livepatches Message-ID: <177788383471.1375.6407967507627267865@dde0e951fc7e> # Security update for glibc-livepatches Announcement ID: SUSE-SU-2026:21424-1 Release Date: 2026-04-28T16:23:13Z Rating: important References: * bsc#1261209 Cross-References: * CVE-2026-4046 CVSS scores: * CVE-2026-4046 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-4046 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-4046 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for glibc-livepatches fixes the following issue: * CVE-2026-4046: assertion failure when converting inputs may be used to remotely crash an application (bsc#1261209). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-651=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-651=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * glibc-livepatches-debugsource-0.4-160000.1.1 * glibc-livepatches-0.4-160000.1.1 * glibc-livepatches-debuginfo-0.4-160000.1.1 * SUSE Linux Enterprise Server 16.0 (x86_64) * glibc-livepatches-debugsource-0.4-160000.1.1 * glibc-livepatches-0.4-160000.1.1 * glibc-livepatches-debuginfo-0.4-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-4046.html * https://bugzilla.suse.com/show_bug.cgi?id=1261209 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 4 08:37:15 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:37:15 -0000 Subject: SUSE-RU-2026:21423-1: moderate: Recommended update for xfsprogs Message-ID: <177788383590.1375.4153415972850524997@dde0e951fc7e> # Recommended update for xfsprogs Announcement ID: SUSE-RU-2026:21423-1 Release Date: 2026-04-28T16:23:13Z Rating: moderate References: Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that can now be installed. ## Description: This update for xfsprogs fixes the following issues: * update to 6.19.0: * xfs_io: * print more realtime subvolume related information in statfs * fix fsmap help * mkfs: * fix log sunit automatic configuration * fix protofile data corruption when in/out file block sizes don't match * remove unnecessary return value affectation * quiet down warning about insufficient write zones * set rtstart from user-specified dblocks * libxfs: fix data corruption bug in libxfs_file_write * misc: fix a few memory leaks * mkfs.xfs fix sunit size on 512e and 4kN disks. 
* xfs_scrub_all: fix non-service-mode arguments to xfs_scrub * xfs: use blkdev_report_zones_cached() * include blkzoned.h in platform_defs.h * xfs_mdrestore: fix restoration on filesystems with 4k sectors * xfs_logprint: print log data to the screen in host-endian order ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-650=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-650=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * xfsprogs-debugsource-6.19.0-160000.1.1 * xfsprogs-6.19.0-160000.1.1 * xfsprogs-scrub-6.19.0-160000.1.1 * libhandle1-debuginfo-6.19.0-160000.1.1 * xfsprogs-devel-6.19.0-160000.1.1 * xfsprogs-debuginfo-6.19.0-160000.1.1 * libhandle1-6.19.0-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * xfsprogs-debugsource-6.19.0-160000.1.1 * xfsprogs-6.19.0-160000.1.1 * xfsprogs-scrub-6.19.0-160000.1.1 * libhandle1-debuginfo-6.19.0-160000.1.1 * xfsprogs-devel-6.19.0-160000.1.1 * xfsprogs-debuginfo-6.19.0-160000.1.1 * libhandle1-6.19.0-160000.1.1 -------------- next part -------------- An HTML attachment was scrubbed... 

From null at suse.de Mon May 4 08:37:20 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:37:20 -0000
Subject: SUSE-SU-2026:21422-1: moderate: Security update for libsodium
Message-ID: <177788384092.1375.1377234367449215867@dde0e951fc7e>

# Security update for libsodium

Announcement ID: SUSE-SU-2026:21422-1
Release Date: 2026-04-28T15:27:44Z
Rating: moderate

References:

* bsc#1255764
* bsc#1256070

Cross-References:

* CVE-2025-15444
* CVE-2025-69277

CVSS scores:

* CVE-2025-15444 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2025-15444 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-69277 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-69277 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-69277 ( NVD ): 4.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves two vulnerabilities can now be installed.

## Description:

This update for libsodium fixes the following issues:

Security fixes:

* CVE-2025-15444: Cryptographic bypass via improper elliptic curve point validation (bsc#1256070).
* CVE-2025-69277: incorrect validation of elliptic curve points certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point function (bsc#1255764).

Other fixes:

* Update to 1.0.21
* The new crypto_ipcrypt_* functions implement mechanisms for securely encrypting and anonymizing IP addresses.
* The sodium_bin2ip and sodium_ip2bin helper functions have been added to complement the crypto_ipcrypt_* functions and easily convert addresses between bytes and strings.
* XOF: the crypto_xof_shake* and crypto_xof_turboshake* functions are standard extendable output functions. From input of any length, they can derive output of any length with the same properties as hash functions.
These primitives are required by many post-quantum mechanisms, but can also be used for a wide range of applications, including key derivation, session encryption and more.
* Performance of AES256-GCM and AEGIS on ARM has been improved with some compilers
* Security: optblockers have been introduced in critical code paths to prevent compilers from introducing unwanted side channels via conditional jumps. This was observed on RISC-V targets with specific compilers and options.
* Security: crypto_core_ed25519_is_valid_point() now properly rejects small-order points that are not in the main subgroup
* ((nonnull)) attributes have been relaxed on some crypto_stream* functions to allow NULL output buffers when the output length is zero
* A cross-compilation issue with old clang versions has been fixed
* crypto_aead_aes256gcm_is_available is exported to JavaScript
* Security: memory fences have been added after MAC verification in AEAD to prevent speculative access to plaintext before authentication is complete
* Assembly files now include .gnu.property notes for proper IBT and Shadow Stack support when building with CET instrumentation.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-649=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-649=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * libsodium26-debuginfo-1.0.21-160000.1.1
  * libsodium26-1.0.21-160000.1.1
  * libsodium-devel-1.0.21-160000.1.1
  * libsodium-debugsource-1.0.21-160000.1.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * libsodium26-debuginfo-1.0.21-160000.1.1
  * libsodium26-1.0.21-160000.1.1
  * libsodium-devel-1.0.21-160000.1.1
  * libsodium-debugsource-1.0.21-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-15444.html
* https://www.suse.com/security/cve/CVE-2025-69277.html
* https://bugzilla.suse.com/show_bug.cgi?id=1255764
* https://bugzilla.suse.com/show_bug.cgi?id=1256070

From null at suse.de Mon May 4 08:37:25 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:37:25 -0000
Subject: SUSE-SU-2026:21421-1: important: Security update for the Linux Kernel
Message-ID: <177788384502.1375.12787744636062403652@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:21421-1
Release Date: 2026-05-02T07:09:30Z
Rating: important

References:

* bsc#1262573

Cross-References:

* CVE-2026-31431

CVSS scores:

* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Server High Availability Extension 16.0

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues.

The following security issues were fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server High Availability Extension 16.0
  zypper in -t patch SUSE-SLES-HA-16.0-666=1

## Package List:

* SUSE Linux Enterprise Server High Availability Extension 16.0 (ppc64le s390x x86_64)
  * cluster-md-kmp-default-6.12.0-160000.29.1
  * dlm-kmp-default-debuginfo-6.12.0-160000.29.1
  * cluster-md-kmp-default-debuginfo-6.12.0-160000.29.1
  * dlm-kmp-default-6.12.0-160000.29.1
  * gfs2-kmp-default-debuginfo-6.12.0-160000.29.1
  * kernel-default-debuginfo-6.12.0-160000.29.1
  * gfs2-kmp-default-6.12.0-160000.29.1
  * kernel-default-debugsource-6.12.0-160000.29.1
* SUSE Linux Enterprise Server High Availability Extension 16.0 (nosrc)
  * kernel-default-6.12.0-160000.29.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262573

From null at suse.de Mon May 4 08:37:30 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:37:30 -0000
Subject: SUSE-RU-2026:21420-1: important: Recommended update for crmsh
Message-ID: <177788385022.1375.1225123416607467061@dde0e951fc7e>

# Recommended update for crmsh

Announcement ID: SUSE-RU-2026:21420-1
Release Date: 2026-04-29T12:58:33Z
Rating: important

References:

* bsc#1254243
* bsc#1262094

Affected Products:

* SUSE Linux Enterprise Server High Availability Extension 16.0

An update that has two fixes can now be installed.
## Description:

This update for crmsh fixes the following issues:

* Update to version 5.0.0+20260420.f7e8ecad:
  * Dev: utils: Improve check_port_open to concurrently try all addresses (bsc#1262094)
  * Dev: qdevice: Remove unused codes
  * Fix: bootstrap: On join node, retrieve qdevice certification files before starting qdevice (bsc#1254243)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server High Availability Extension 16.0
  zypper in -t patch SUSE-SLES-HA-16.0-656=1

## Package List:

* SUSE Linux Enterprise Server High Availability Extension 16.0 (noarch)
  * crmsh-5.0.0+20260420.f7e8ecad-160000.1.1
  * crmsh-scripts-5.0.0+20260420.f7e8ecad-160000.1.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1254243
* https://bugzilla.suse.com/show_bug.cgi?id=1262094

From null at suse.de Mon May 4 08:37:34 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:37:34 -0000
Subject: SUSE-SU-2026:1678-1: important: Security update for the Linux Kernel
Message-ID: <177788385448.1375.14832434905623722455@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:1678-1
Release Date: 2026-05-02T10:27:11Z
Rating: important
References:
* bsc#1262573

Cross-References:
* CVE-2026-31431

CVSS scores:
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* SUSE Linux Enterprise Live Patching 15-SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Real Time Module 15-SP7

An update that solves one vulnerability can now be installed.
## Description:

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues.

The following security issues were fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP7
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1678=1
* SUSE Real Time Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-RT-15-SP7-2026-1678=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP7 (x86_64)
  * kernel-livepatch-6_4_0-150700_7_40-rt-1-150700.1.3.2
  * kernel-livepatch-6_4_0-150700_7_40-rt-debuginfo-1-150700.1.3.2
  * kernel-livepatch-SLE15-SP7-RT_Update_12-debugsource-1-150700.1.3.2
* SUSE Real Time Module 15-SP7 (x86_64)
  * ocfs2-kmp-rt-debuginfo-6.4.0-150700.7.40.1
  * dlm-kmp-rt-6.4.0-150700.7.40.1
  * cluster-md-kmp-rt-debuginfo-6.4.0-150700.7.40.1
  * dlm-kmp-rt-debuginfo-6.4.0-150700.7.40.1
  * kernel-rt-debugsource-6.4.0-150700.7.40.1
  * kernel-rt-devel-debuginfo-6.4.0-150700.7.40.1
  * kernel-rt-debuginfo-6.4.0-150700.7.40.1
  * kernel-syms-rt-6.4.0-150700.7.40.1
  * cluster-md-kmp-rt-6.4.0-150700.7.40.1
  * ocfs2-kmp-rt-6.4.0-150700.7.40.1
  * gfs2-kmp-rt-6.4.0-150700.7.40.1
  * kernel-rt-devel-6.4.0-150700.7.40.1
  * gfs2-kmp-rt-debuginfo-6.4.0-150700.7.40.1
* SUSE Real Time Module 15-SP7 (noarch)
  * kernel-devel-rt-6.4.0-150700.7.40.1
  * kernel-source-rt-6.4.0-150700.7.40.1
* SUSE Real Time Module 15-SP7 (nosrc x86_64)
  * kernel-rt-6.4.0-150700.7.40.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262573

From null at suse.de Mon May 4 08:37:38 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:37:38 -0000
Subject: SUSE-SU-2026:1677-1: important: Security update for the Linux Kernel
Message-ID: <177788385861.1375.4205465731252385428@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:1677-1
Release Date: 2026-05-02T10:26:11Z
Rating: important
References:
* bsc#1262573

Cross-References:
* CVE-2026-31431

CVSS scores:
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* openSUSE Leap 15.3
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP3 kernel was updated to fix one security issue.

The following security issue was fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2026-1677=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1677=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1677=1 ## Package List: * openSUSE Leap 15.3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.246.1 * openSUSE Leap 15.3 (noarch) * kernel-source-vanilla-5.3.18-150300.59.246.1 * kernel-macros-5.3.18-150300.59.246.1 * kernel-docs-html-5.3.18-150300.59.246.1 * kernel-source-5.3.18-150300.59.246.1 * kernel-devel-5.3.18-150300.59.246.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-5.3.18-150300.59.246.1 * kernel-default-optional-debuginfo-5.3.18-150300.59.246.1 * gfs2-kmp-default-5.3.18-150300.59.246.1 * kernel-default-livepatch-5.3.18-150300.59.246.1 * kernel-default-extra-5.3.18-150300.59.246.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.246.1 * kernel-syms-5.3.18-150300.59.246.1 * kernel-default-base-rebuild-5.3.18-150300.59.246.1.150300.18.146.2 * kernel-default-devel-debuginfo-5.3.18-150300.59.246.1 * kernel-default-devel-5.3.18-150300.59.246.1 * kernel-default-debuginfo-5.3.18-150300.59.246.1 * kernel-default-debugsource-5.3.18-150300.59.246.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.246.1 * kselftests-kmp-default-5.3.18-150300.59.246.1 * dlm-kmp-default-5.3.18-150300.59.246.1 * ocfs2-kmp-default-5.3.18-150300.59.246.1 * cluster-md-kmp-default-5.3.18-150300.59.246.1 * kernel-obs-build-5.3.18-150300.59.246.1 * kernel-obs-qa-5.3.18-150300.59.246.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.246.1 * kernel-default-base-5.3.18-150300.59.246.1.150300.18.146.2 * kernel-default-extra-debuginfo-5.3.18-150300.59.246.1 * kernel-default-optional-5.3.18-150300.59.246.1 * kselftests-kmp-default-debuginfo-5.3.18-150300.59.246.1 * kernel-obs-build-debugsource-5.3.18-150300.59.246.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.246.1 * 
ocfs2-kmp-default-debuginfo-5.3.18-150300.59.246.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.246.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.3.18-150300.59.246.1 * openSUSE Leap 15.3 (nosrc ppc64le x86_64) * kernel-kvmsmall-5.3.18-150300.59.246.1 * openSUSE Leap 15.3 (ppc64le x86_64) * kernel-kvmsmall-debuginfo-5.3.18-150300.59.246.1 * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.246.1 * kernel-kvmsmall-devel-5.3.18-150300.59.246.1 * kernel-kvmsmall-debugsource-5.3.18-150300.59.246.1 * openSUSE Leap 15.3 (aarch64 x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150300.59.246.1 * cluster-md-kmp-preempt-5.3.18-150300.59.246.1 * reiserfs-kmp-preempt-5.3.18-150300.59.246.1 * ocfs2-kmp-preempt-5.3.18-150300.59.246.1 * kernel-preempt-extra-5.3.18-150300.59.246.1 * kernel-preempt-optional-debuginfo-5.3.18-150300.59.246.1 * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.246.1 * kernel-preempt-debuginfo-5.3.18-150300.59.246.1 * kernel-preempt-devel-5.3.18-150300.59.246.1 * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.246.1 * kernel-preempt-extra-debuginfo-5.3.18-150300.59.246.1 * kernel-preempt-debugsource-5.3.18-150300.59.246.1 * kselftests-kmp-preempt-5.3.18-150300.59.246.1 * kernel-preempt-optional-5.3.18-150300.59.246.1 * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.246.1 * dlm-kmp-preempt-5.3.18-150300.59.246.1 * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.246.1 * gfs2-kmp-preempt-5.3.18-150300.59.246.1 * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.246.1 * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.246.1 * openSUSE Leap 15.3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.246.1 * openSUSE Leap 15.3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.246.1 * openSUSE Leap 15.3 (s390x) * kernel-zfcpdump-debuginfo-5.3.18-150300.59.246.1 * kernel-zfcpdump-debugsource-5.3.18-150300.59.246.1 * openSUSE Leap 15.3 (nosrc) * dtb-aarch64-5.3.18-150300.59.246.1 * openSUSE 
Leap 15.3 (aarch64) * kernel-64kb-debuginfo-5.3.18-150300.59.246.1 * dtb-amd-5.3.18-150300.59.246.1 * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.246.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.246.1 * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.246.1 * dtb-renesas-5.3.18-150300.59.246.1 * dtb-mediatek-5.3.18-150300.59.246.1 * kselftests-kmp-64kb-5.3.18-150300.59.246.1 * kernel-64kb-extra-5.3.18-150300.59.246.1 * dtb-exynos-5.3.18-150300.59.246.1 * dtb-zte-5.3.18-150300.59.246.1 * dtb-broadcom-5.3.18-150300.59.246.1 * dlm-kmp-64kb-5.3.18-150300.59.246.1 * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.246.1 * gfs2-kmp-64kb-5.3.18-150300.59.246.1 * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.246.1 * dtb-amlogic-5.3.18-150300.59.246.1 * dtb-freescale-5.3.18-150300.59.246.1 * dtb-qcom-5.3.18-150300.59.246.1 * dtb-rockchip-5.3.18-150300.59.246.1 * dtb-lg-5.3.18-150300.59.246.1 * dtb-nvidia-5.3.18-150300.59.246.1 * dtb-altera-5.3.18-150300.59.246.1 * reiserfs-kmp-64kb-5.3.18-150300.59.246.1 * dtb-arm-5.3.18-150300.59.246.1 * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.246.1 * kernel-64kb-extra-debuginfo-5.3.18-150300.59.246.1 * dtb-allwinner-5.3.18-150300.59.246.1 * kernel-64kb-optional-debuginfo-5.3.18-150300.59.246.1 * dtb-cavium-5.3.18-150300.59.246.1 * kernel-64kb-optional-5.3.18-150300.59.246.1 * ocfs2-kmp-64kb-5.3.18-150300.59.246.1 * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.246.1 * dtb-xilinx-5.3.18-150300.59.246.1 * dtb-al-5.3.18-150300.59.246.1 * dtb-marvell-5.3.18-150300.59.246.1 * dtb-socionext-5.3.18-150300.59.246.1 * cluster-md-kmp-64kb-5.3.18-150300.59.246.1 * dtb-sprd-5.3.18-150300.59.246.1 * kernel-64kb-devel-5.3.18-150300.59.246.1 * dtb-hisilicon-5.3.18-150300.59.246.1 * dtb-apm-5.3.18-150300.59.246.1 * kernel-64kb-debugsource-5.3.18-150300.59.246.1 * openSUSE Leap 15.3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.246.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.246.1 * SUSE Linux Enterprise 
Micro 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.246.1.150300.18.146.2 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.246.1 * kernel-default-debuginfo-5.3.18-150300.59.246.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * kernel-source-5.3.18-150300.59.246.1 * kernel-macros-5.3.18-150300.59.246.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.246.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.246.1.150300.18.146.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * kernel-default-debugsource-5.3.18-150300.59.246.1 * kernel-default-debuginfo-5.3.18-150300.59.246.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * kernel-source-5.3.18-150300.59.246.1 * kernel-macros-5.3.18-150300.59.246.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1262573 -------------- next part -------------- An HTML attachment was scrubbed... 

From null at suse.de Mon May 4 08:37:43 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:37:43 -0000
Subject: SUSE-SU-2026:1669-1: important: Security update for the Linux Kernel
Message-ID: <177788386353.1375.3728745372673848104@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:1669-1
Release Date: 2026-05-02T06:12:42Z
Rating: important
References:
* bsc#1262573

Cross-References:
* CVE-2026-31431

CVSS scores:
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* Basesystem Module 15-SP7
* Development Tools Module 15-SP7
* Legacy Module 15-SP7
* Public Cloud Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Availability Extension 15 SP7
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Live Patching 15-SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Linux Enterprise Workstation Extension 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix one security issue.

The following security issue was fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Development Tools Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-1673=1
* Legacy Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2026-1673=1
* Public Cloud Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2026-1673=1
* SUSE Linux Enterprise High Availability Extension 15 SP7
  zypper in -t patch SUSE-SLE-Product-HA-15-SP7-2026-1673=1
* SUSE Linux Enterprise Workstation Extension 15 SP7
  zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-1673=1
* SUSE Linux Enterprise Live Patching 15-SP7
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1673=1
  Please note that this is the initial kernel livepatch without fixes itself; this package is later updated by separate standalone kernel livepatch updates.
* SUSE Linux Enterprise Server 12 SP5 LTSS
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-1669=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1669=1
* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-1669=1
  Please note that this is the initial kernel livepatch without fixes itself; this package is later updated by separate standalone kernel livepatch updates.
* Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1673=1 ## Package List: * Development Tools Module 15-SP7 (noarch nosrc) * kernel-docs-6.4.0-150700.53.40.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-6.4.0-150700.53.40.1 * kernel-obs-build-debugsource-6.4.0-150700.53.40.1 * kernel-syms-6.4.0-150700.53.40.1 * Development Tools Module 15-SP7 (noarch) * kernel-source-6.4.0-150700.53.40.1 * Legacy Module 15-SP7 (nosrc) * kernel-default-6.4.0-150700.53.40.1 * Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-debuginfo-6.4.0-150700.53.40.1 * reiserfs-kmp-default-6.4.0-150700.53.40.1 * kernel-default-debuginfo-6.4.0-150700.53.40.1 * kernel-default-debugsource-6.4.0-150700.53.40.1 * Public Cloud Module 15-SP7 (aarch64 nosrc x86_64) * kernel-azure-6.4.0-150700.53.40.1 * Public Cloud Module 15-SP7 (aarch64 x86_64) * kernel-azure-devel-debuginfo-6.4.0-150700.53.40.1 * kernel-azure-debugsource-6.4.0-150700.53.40.1 * kernel-azure-devel-6.4.0-150700.53.40.1 * kernel-azure-debuginfo-6.4.0-150700.53.40.1 * SUSE Linux Enterprise High Availability Extension 15 SP7 (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-debuginfo-6.4.0-150700.53.40.1 * gfs2-kmp-default-6.4.0-150700.53.40.1 * kernel-default-debuginfo-6.4.0-150700.53.40.1 * kernel-default-debugsource-6.4.0-150700.53.40.1 * ocfs2-kmp-default-debuginfo-6.4.0-150700.53.40.1 * cluster-md-kmp-default-debuginfo-6.4.0-150700.53.40.1 * gfs2-kmp-default-debuginfo-6.4.0-150700.53.40.1 * cluster-md-kmp-default-6.4.0-150700.53.40.1 * dlm-kmp-default-6.4.0-150700.53.40.1 * ocfs2-kmp-default-6.4.0-150700.53.40.1 * SUSE Linux Enterprise High Availability Extension 15 SP7 (nosrc) * kernel-default-6.4.0-150700.53.40.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (nosrc) * kernel-default-6.4.0-150700.53.40.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * kernel-default-extra-debuginfo-6.4.0-150700.53.40.1 * 
kernel-default-extra-6.4.0-150700.53.40.1 * kernel-default-debuginfo-6.4.0-150700.53.40.1 * kernel-default-debugsource-6.4.0-150700.53.40.1 * SUSE Linux Enterprise Live Patching 15-SP7 (nosrc) * kernel-default-6.4.0-150700.53.40.1 * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150700.53.40.1 * kernel-default-debugsource-6.4.0-150700.53.40.1 * kernel-livepatch-SLE15-SP7_Update_12-debugsource-1-150700.15.3.1 * kernel-default-livepatch-devel-6.4.0-150700.53.40.1 * kernel-livepatch-6_4_0-150700_53_40-default-1-150700.15.3.1 * kernel-default-livepatch-6.4.0-150700.53.40.1 * kernel-livepatch-6_4_0-150700_53_40-default-debuginfo-1-150700.15.3.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-4.12.14-122.302.1 * dlm-kmp-default-debuginfo-4.12.14-122.302.1 * kernel-default-base-debuginfo-4.12.14-122.302.1 * kernel-default-devel-4.12.14-122.302.1 * dlm-kmp-default-4.12.14-122.302.1 * kernel-default-debugsource-4.12.14-122.302.1 * ocfs2-kmp-default-4.12.14-122.302.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.302.1 * kernel-default-base-4.12.14-122.302.1 * gfs2-kmp-default-4.12.14-122.302.1 * kernel-syms-4.12.14-122.302.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.302.1 * gfs2-kmp-default-debuginfo-4.12.14-122.302.1 * cluster-md-kmp-default-4.12.14-122.302.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.302.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * kernel-source-4.12.14-122.302.1 * kernel-macros-4.12.14-122.302.1 * kernel-devel-4.12.14-122.302.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x) * kernel-default-man-4.12.14-122.302.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.302.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * kernel-default-debuginfo-4.12.14-122.302.1 * dlm-kmp-default-debuginfo-4.12.14-122.302.1 
* kernel-default-base-debuginfo-4.12.14-122.302.1 * kernel-default-devel-4.12.14-122.302.1 * dlm-kmp-default-4.12.14-122.302.1 * kernel-default-debugsource-4.12.14-122.302.1 * kernel-default-devel-debuginfo-4.12.14-122.302.1 * ocfs2-kmp-default-4.12.14-122.302.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.302.1 * kernel-default-base-4.12.14-122.302.1 * gfs2-kmp-default-4.12.14-122.302.1 * kernel-syms-4.12.14-122.302.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.302.1 * gfs2-kmp-default-debuginfo-4.12.14-122.302.1 * cluster-md-kmp-default-4.12.14-122.302.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64) * kernel-default-4.12.14-122.302.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * kernel-source-4.12.14-122.302.1 * kernel-macros-4.12.14-122.302.1 * kernel-devel-4.12.14-122.302.1 * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc) * kernel-default-4.12.14-122.302.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kernel-default-debuginfo-4.12.14-122.302.1 * kgraft-patch-4_12_14-122_302-default-1-8.3.1 * kernel-default-kgraft-devel-4.12.14-122.302.1 * kernel-default-debugsource-4.12.14-122.302.1 * kernel-default-kgraft-4.12.14-122.302.1 * Basesystem Module 15-SP7 (aarch64 nosrc) * kernel-64kb-6.4.0-150700.53.40.1 * Basesystem Module 15-SP7 (aarch64) * kernel-64kb-devel-debuginfo-6.4.0-150700.53.40.1 * kernel-64kb-debugsource-6.4.0-150700.53.40.1 * kernel-64kb-devel-6.4.0-150700.53.40.1 * kernel-64kb-debuginfo-6.4.0-150700.53.40.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150700.53.40.1 * Basesystem Module 15-SP7 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150700.53.40.1.150700.17.27.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-6.4.0-150700.53.40.1 * kernel-default-devel-debuginfo-6.4.0-150700.53.40.1 * kernel-default-debuginfo-6.4.0-150700.53.40.1 * kernel-default-debugsource-6.4.0-150700.53.40.1 * 
Basesystem Module 15-SP7 (noarch) * kernel-macros-6.4.0-150700.53.40.1 * kernel-devel-6.4.0-150700.53.40.1 * Basesystem Module 15-SP7 (nosrc s390x) * kernel-zfcpdump-6.4.0-150700.53.40.1 * Basesystem Module 15-SP7 (s390x) * kernel-zfcpdump-debugsource-6.4.0-150700.53.40.1 * kernel-zfcpdump-debuginfo-6.4.0-150700.53.40.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1262573 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 4 08:37:49 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 May 2026 08:37:49 -0000 Subject: SUSE-SU-2026:1676-1: important: Security update for the Linux Kernel Message-ID: <177788386946.1375.13035019295963896261@dde0e951fc7e> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:1676-1 Release Date: 2026-05-02T07:19:34Z Rating: important References: * bsc#1262573 Cross-References: * CVE-2026-31431 CVSS scores: * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to fix one security issue The following security issue was fixed: * CVE-2026-31431: The copy.fail security issue is fixed by revert to operating out-of-place in algif_aead (bsc#1262573). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-1676=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-1676=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-source-rt-5.14.21-150500.13.130.1 * kernel-devel-rt-5.14.21-150500.13.130.1 * openSUSE Leap 15.5 (x86_64) * kernel-rt-vdso-5.14.21-150500.13.130.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.130.1 * dlm-kmp-rt-5.14.21-150500.13.130.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.130.1 * kselftests-kmp-rt-5.14.21-150500.13.130.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.130.1 * ocfs2-kmp-rt-5.14.21-150500.13.130.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.130.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.130.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.130.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.130.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.130.1 * kernel-rt-debugsource-5.14.21-150500.13.130.1 * kernel-rt-optional-5.14.21-150500.13.130.1 * cluster-md-kmp-rt-5.14.21-150500.13.130.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.130.1 * kernel-rt-extra-5.14.21-150500.13.130.1 * kernel-rt_debug-vdso-5.14.21-150500.13.130.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.130.1 * reiserfs-kmp-rt-5.14.21-150500.13.130.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.130.1 * kernel-rt_debug-devel-5.14.21-150500.13.130.1 * kernel-syms-rt-5.14.21-150500.13.130.1 * kernel-rt-devel-5.14.21-150500.13.130.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.130.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.130.1 * gfs2-kmp-rt-5.14.21-150500.13.130.1 * kernel-rt-livepatch-5.14.21-150500.13.130.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.130.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.130.1 * kernel-rt-debuginfo-5.14.21-150500.13.130.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.130.1 * kernel-rt_debug-5.14.21-150500.13.130.1 * SUSE Linux Enterprise Micro 5.5 (noarch) 
  * kernel-source-rt-5.14.21-150500.13.130.1
  * kernel-devel-rt-5.14.21-150500.13.130.1
* SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
  * kernel-rt-5.14.21-150500.13.130.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
  * kernel-rt-debuginfo-5.14.21-150500.13.130.1
  * kernel-rt-debugsource-5.14.21-150500.13.130.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262573

From null at suse.de Mon May 4 08:37:53 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:37:53 -0000
Subject: SUSE-SU-2026:1675-1: important: Security update for the Linux Kernel
Message-ID: <177788387350.1375.13830337882811290873@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:1675-1
Release Date: 2026-05-02T07:19:20Z
Rating: important
References:
* bsc#1262573

Cross-References:
* CVE-2026-31431

CVSS scores:
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues.

The following security issues were fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2026-1675=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2026-1675=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2026-1675=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2026-1675=1

## Package List:

* SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
  * kernel-rt-5.14.21-150400.15.151.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
  * kernel-rt-debuginfo-5.14.21-150400.15.151.1
  * kernel-rt-debugsource-5.14.21-150400.15.151.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
  * kernel-source-rt-5.14.21-150400.15.151.1
* SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
  * kernel-rt-5.14.21-150400.15.151.1
* SUSE Linux Enterprise Micro 5.3 (x86_64)
  * kernel-rt-debuginfo-5.14.21-150400.15.151.1
  * kernel-rt-debugsource-5.14.21-150400.15.151.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
  * kernel-source-rt-5.14.21-150400.15.151.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64)
  * kernel-rt-5.14.21-150400.15.151.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
  * kernel-rt-debuginfo-5.14.21-150400.15.151.1
  * kernel-rt-debugsource-5.14.21-150400.15.151.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
  * kernel-source-rt-5.14.21-150400.15.151.1
* SUSE Linux Enterprise Micro 5.4 (nosrc x86_64)
  * kernel-rt-5.14.21-150400.15.151.1
* SUSE Linux Enterprise Micro 5.4 (x86_64)
  * kernel-rt-debuginfo-5.14.21-150400.15.151.1
  * kernel-rt-debugsource-5.14.21-150400.15.151.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
  * kernel-source-rt-5.14.21-150400.15.151.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262573

From null at suse.de Mon May 4 08:37:57 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:37:57 -0000
Subject: SUSE-SU-2026:1674-1: important: Security update for the Linux Kernel
Message-ID: <177788387704.1375.2689163107286322990@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:1674-1
Release Date: 2026-05-02T07:19:12Z
Rating: important
References:
* bsc#1262573

Cross-References:
* CVE-2026-31431

CVSS scores:
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to fix various security issues.

The following security issues were fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573)

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1674=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1674=1

## Package List:

* SUSE Linux Enterprise Micro 5.2 (nosrc x86_64)
  * kernel-rt-5.3.18-150300.244.1
* SUSE Linux Enterprise Micro 5.2 (x86_64)
  * kernel-rt-debuginfo-5.3.18-150300.244.1
  * kernel-rt-debugsource-5.3.18-150300.244.1
* SUSE Linux Enterprise Micro 5.2 (noarch)
  * kernel-source-rt-5.3.18-150300.244.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64)
  * kernel-rt-5.3.18-150300.244.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
  * kernel-rt-debuginfo-5.3.18-150300.244.1
  * kernel-rt-debugsource-5.3.18-150300.244.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
  * kernel-source-rt-5.3.18-150300.244.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262573

From null at suse.de Mon May 4 08:38:00 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:38:00 -0000
Subject: SUSE-SU-2026:1672-1: important: Security update for the Linux Kernel
Message-ID: <177788388063.1375.6916206232602404901@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:1672-1
Release Date: 2026-05-02T06:02:59Z
Rating: important
References:
* bsc#1262573

Cross-References:
* CVE-2026-31431

CVSS scores:
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise High Availability Extension 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix one security issue.

The following security issue was fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573)

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1672=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1672=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1672=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1672=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1672=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2026-1672=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1672=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1672=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1672=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1672=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1672=1 ## Package List: * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.205.1 * openSUSE Leap 15.4 (noarch) * kernel-macros-5.14.21-150400.24.205.1 * kernel-source-vanilla-5.14.21-150400.24.205.1 * kernel-source-5.14.21-150400.24.205.1 * kernel-docs-html-5.14.21-150400.24.205.1 * kernel-devel-5.14.21-150400.24.205.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-5.14.21-150400.24.205.1 * kernel-kvmsmall-debugsource-5.14.21-150400.24.205.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.205.1 * kernel-kvmsmall-debuginfo-5.14.21-150400.24.205.1 * kernel-default-base-rebuild-5.14.21-150400.24.205.1.150400.24.104.2 * kernel-default-base-5.14.21-150400.24.205.1.150400.24.104.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * 
kernel-default-debugsource-5.14.21-150400.24.205.1 * kernel-default-livepatch-5.14.21-150400.24.205.1 * kernel-default-extra-5.14.21-150400.24.205.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.205.1 * dlm-kmp-default-5.14.21-150400.24.205.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.205.1 * kernel-obs-build-5.14.21-150400.24.205.1 * kernel-default-optional-debuginfo-5.14.21-150400.24.205.1 * ocfs2-kmp-default-5.14.21-150400.24.205.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.205.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.205.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.205.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.205.1 * reiserfs-kmp-default-5.14.21-150400.24.205.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.205.1 * kselftests-kmp-default-5.14.21-150400.24.205.1 * kernel-syms-5.14.21-150400.24.205.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.205.1 * kernel-default-devel-5.14.21-150400.24.205.1 * cluster-md-kmp-default-5.14.21-150400.24.205.1 * kernel-default-debuginfo-5.14.21-150400.24.205.1 * kernel-default-optional-5.14.21-150400.24.205.1 * kernel-obs-build-debugsource-5.14.21-150400.24.205.1 * gfs2-kmp-default-5.14.21-150400.24.205.1 * kernel-obs-qa-5.14.21-150400.24.205.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.205.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.14.21-150400.24.205.1 * kernel-livepatch-5_14_21-150400_24_205-default-debuginfo-1-150400.9.5.1 * kernel-livepatch-5_14_21-150400_24_205-default-1-150400.9.5.1 * kernel-livepatch-SLE15-SP4_Update_51-debugsource-1-150400.9.5.1 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.205.1 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.205.1 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.205.1 * kernel-zfcpdump-debugsource-5.14.21-150400.24.205.1 * openSUSE Leap 15.4 (nosrc) * 
dtb-aarch64-5.14.21-150400.24.205.1 * openSUSE Leap 15.4 (aarch64) * dtb-exynos-5.14.21-150400.24.205.1 * dtb-qcom-5.14.21-150400.24.205.1 * dtb-allwinner-5.14.21-150400.24.205.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.205.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.205.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.205.1 * dtb-mediatek-5.14.21-150400.24.205.1 * gfs2-kmp-64kb-5.14.21-150400.24.205.1 * kselftests-kmp-64kb-5.14.21-150400.24.205.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.205.1 * dtb-rockchip-5.14.21-150400.24.205.1 * dtb-hisilicon-5.14.21-150400.24.205.1 * dtb-amd-5.14.21-150400.24.205.1 * dtb-apple-5.14.21-150400.24.205.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.205.1 * dtb-amlogic-5.14.21-150400.24.205.1 * dtb-cavium-5.14.21-150400.24.205.1 * dtb-renesas-5.14.21-150400.24.205.1 * dtb-nvidia-5.14.21-150400.24.205.1 * dtb-broadcom-5.14.21-150400.24.205.1 * dtb-lg-5.14.21-150400.24.205.1 * dtb-freescale-5.14.21-150400.24.205.1 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.205.1 * ocfs2-kmp-64kb-5.14.21-150400.24.205.1 * dtb-socionext-5.14.21-150400.24.205.1 * cluster-md-kmp-64kb-5.14.21-150400.24.205.1 * dlm-kmp-64kb-5.14.21-150400.24.205.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.205.1 * kernel-64kb-debugsource-5.14.21-150400.24.205.1 * dtb-amazon-5.14.21-150400.24.205.1 * dtb-apm-5.14.21-150400.24.205.1 * kernel-64kb-optional-5.14.21-150400.24.205.1 * reiserfs-kmp-64kb-5.14.21-150400.24.205.1 * dtb-altera-5.14.21-150400.24.205.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.205.1 * dtb-xilinx-5.14.21-150400.24.205.1 * kernel-64kb-devel-5.14.21-150400.24.205.1 * dtb-sprd-5.14.21-150400.24.205.1 * dtb-arm-5.14.21-150400.24.205.1 * kernel-64kb-extra-5.14.21-150400.24.205.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.205.1 * dtb-marvell-5.14.21-150400.24.205.1 * kernel-64kb-debuginfo-5.14.21-150400.24.205.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Micro for 
Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.205.1.150400.24.104.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.205.1 * kernel-default-debuginfo-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-macros-5.14.21-150400.24.205.1 * kernel-source-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.205.1.150400.24.104.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.205.1 * kernel-default-debuginfo-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-macros-5.14.21-150400.24.205.1 * kernel-source-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.205.1.150400.24.104.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.205.1 * kernel-default-debuginfo-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-macros-5.14.21-150400.24.205.1 * kernel-source-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.205.1.150400.24.104.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.205.1 * kernel-default-debuginfo-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * 
kernel-macros-5.14.21-150400.24.205.1 * kernel-source-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * ocfs2-kmp-default-5.14.21-150400.24.205.1 * kernel-default-debugsource-5.14.21-150400.24.205.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.205.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.205.1 * gfs2-kmp-default-5.14.21-150400.24.205.1 * cluster-md-kmp-default-5.14.21-150400.24.205.1 * kernel-default-debuginfo-5.14.21-150400.24.205.1 * dlm-kmp-default-5.14.21-150400.24.205.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.205.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * kernel-64kb-debugsource-5.14.21-150400.24.205.1 * kernel-64kb-debuginfo-5.14.21-150400.24.205.1 * kernel-64kb-devel-5.14.21-150400.24.205.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kernel-syms-5.14.21-150400.24.205.1 * kernel-default-debugsource-5.14.21-150400.24.205.1 * kernel-obs-build-5.14.21-150400.24.205.1 * kernel-default-devel-5.14.21-150400.24.205.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.205.1 * kernel-default-debuginfo-5.14.21-150400.24.205.1 * kernel-obs-build-debugsource-5.14.21-150400.24.205.1 * reiserfs-kmp-default-5.14.21-150400.24.205.1 * kernel-default-base-5.14.21-150400.24.205.1.150400.24.104.2 * kernel-default-devel-debuginfo-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kernel-devel-5.14.21-150400.24.205.1 * 
kernel-macros-5.14.21-150400.24.205.1 * kernel-source-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * kernel-64kb-debugsource-5.14.21-150400.24.205.1 * kernel-64kb-debuginfo-5.14.21-150400.24.205.1 * kernel-64kb-devel-5.14.21-150400.24.205.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kernel-syms-5.14.21-150400.24.205.1 * kernel-default-debugsource-5.14.21-150400.24.205.1 * kernel-obs-build-5.14.21-150400.24.205.1 * kernel-default-devel-5.14.21-150400.24.205.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.205.1 * kernel-default-debuginfo-5.14.21-150400.24.205.1 * kernel-obs-build-debugsource-5.14.21-150400.24.205.1 * reiserfs-kmp-default-5.14.21-150400.24.205.1 * kernel-default-base-5.14.21-150400.24.205.1.150400.24.104.2 * kernel-default-devel-debuginfo-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kernel-devel-5.14.21-150400.24.205.1 * kernel-macros-5.14.21-150400.24.205.1 * kernel-source-5.14.21-150400.24.205.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * kernel-64kb-debugsource-5.14.21-150400.24.205.1 * kernel-64kb-debuginfo-5.14.21-150400.24.205.1 * kernel-64kb-devel-5.14.21-150400.24.205.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 
(aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.205.1.150400.24.104.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kernel-syms-5.14.21-150400.24.205.1 * kernel-default-debugsource-5.14.21-150400.24.205.1 * kernel-default-devel-5.14.21-150400.24.205.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.205.1 * kernel-default-debuginfo-5.14.21-150400.24.205.1 * kernel-obs-build-debugsource-5.14.21-150400.24.205.1 * reiserfs-kmp-default-5.14.21-150400.24.205.1 * kernel-obs-build-5.14.21-150400.24.205.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * kernel-devel-5.14.21-150400.24.205.1 * kernel-macros-5.14.21-150400.24.205.1 * kernel-source-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch nosrc) * kernel-docs-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.205.1 * kernel-zfcpdump-debugsource-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kernel-syms-5.14.21-150400.24.205.1 * kernel-default-debugsource-5.14.21-150400.24.205.1 * kernel-obs-build-5.14.21-150400.24.205.1 * kernel-default-devel-5.14.21-150400.24.205.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.205.1 * kernel-default-debuginfo-5.14.21-150400.24.205.1 * kernel-obs-build-debugsource-5.14.21-150400.24.205.1 * reiserfs-kmp-default-5.14.21-150400.24.205.1 * kernel-default-base-5.14.21-150400.24.205.1.150400.24.104.2 * kernel-default-devel-debuginfo-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Server for 
SAP Applications 15 SP4 (noarch) * kernel-devel-5.14.21-150400.24.205.1 * kernel-macros-5.14.21-150400.24.205.1 * kernel-source-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.205.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_51-debugsource-1-150400.9.5.1 * kernel-livepatch-5_14_21-150400_24_205-default-debuginfo-1-150400.9.5.1 * kernel-default-debugsource-5.14.21-150400.24.205.1 * kernel-default-livepatch-5.14.21-150400.24.205.1 * kernel-default-livepatch-devel-5.14.21-150400.24.205.1 * kernel-livepatch-5_14_21-150400_24_205-default-1-150400.9.5.1 * kernel-default-debuginfo-5.14.21-150400.24.205.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1262573 -------------- next part -------------- An HTML attachment was scrubbed... 

From null at suse.de Mon May 4 08:38:05 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:38:05 -0000
Subject: SUSE-SU-2026:1671-1: important: Security update for the Linux Kernel
Message-ID: <177788388545.1375.12652943515885156809@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:1671-1
Release Date: 2026-05-02T06:01:09Z
Rating: important
References:

* bsc#1262573

Cross-References:

* CVE-2026-31431

CVSS scores:

* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise High Availability Extension 15 SP6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix one security issue.

The following security issue was fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2026-1671=1
* SUSE Linux Enterprise High Availability Extension 15 SP6
  zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2026-1671=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1671=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1671=1
* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1671=1

## Package List:

* openSUSE Leap 15.6 (noarch nosrc)
  * kernel-docs-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (noarch)
  * kernel-source-vanilla-6.4.0-150600.23.100.1
  * kernel-macros-6.4.0-150600.23.100.1
  * kernel-devel-6.4.0-150600.23.100.1
  * kernel-source-6.4.0-150600.23.100.1
  * kernel-docs-html-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (nosrc ppc64le x86_64)
  * kernel-debug-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (ppc64le x86_64)
  * kernel-debug-devel-6.4.0-150600.23.100.1
  * kernel-debug-devel-debuginfo-6.4.0-150600.23.100.1
  * kernel-debug-debugsource-6.4.0-150600.23.100.1
  * kernel-debug-debuginfo-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (x86_64)
  * kernel-debug-vdso-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-vdso-debuginfo-6.4.0-150600.23.100.1
  * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.100.1
  * kernel-kvmsmall-vdso-6.4.0-150600.23.100.1
  * kernel-default-vdso-6.4.0-150600.23.100.1
  * kernel-debug-vdso-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (aarch64 ppc64le x86_64)
  * kernel-kvmsmall-devel-6.4.0-150600.23.100.1
  * kernel-kvmsmall-debugsource-6.4.0-150600.23.100.1
  * kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-base-rebuild-6.4.0-150600.23.100.1.150600.12.46.2
  * kernel-default-base-6.4.0-150600.23.100.1.150600.12.46.2
  * kernel-kvmsmall-debuginfo-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-extra-6.4.0-150600.23.100.1
  * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-debugsource-6.4.0-150600.23.100.1
  * dlm-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * kselftests-kmp-default-6.4.0-150600.23.100.1
  * dlm-kmp-default-6.4.0-150600.23.100.1
  * ocfs2-kmp-default-6.4.0-150600.23.100.1
  * kernel-obs-build-6.4.0-150600.23.100.1
  * gfs2-kmp-default-6.4.0-150600.23.100.1
  * kernel-default-optional-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-devel-6.4.0-150600.23.100.1
  * kernel-syms-6.4.0-150600.23.100.1
  * kernel-obs-qa-6.4.0-150600.23.100.1
  * kernel-obs-build-debugsource-6.4.0-150600.23.100.1
  * kernel-default-devel-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-extra-debuginfo-6.4.0-150600.23.100.1
  * gfs2-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-livepatch-6.4.0-150600.23.100.1
  * cluster-md-kmp-default-6.4.0-150600.23.100.1
  * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-optional-6.4.0-150600.23.100.1
  * kselftests-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * reiserfs-kmp-default-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc)
  * kernel-default-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP6_Update_23-debugsource-1-150600.13.5.1
  * kernel-livepatch-6_4_0-150600_23_100-default-1-150600.13.5.1
  * kernel-livepatch-6_4_0-150600_23_100-default-debuginfo-1-150600.13.5.1
  * kernel-default-livepatch-devel-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64)
  * kernel-kvmsmall-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (nosrc s390x)
  * kernel-zfcpdump-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (s390x)
  * kernel-zfcpdump-debugsource-6.4.0-150600.23.100.1
  * kernel-zfcpdump-debuginfo-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (nosrc)
  * dtb-aarch64-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (aarch64)
  * dtb-mediatek-6.4.0-150600.23.100.1
  * cluster-md-kmp-64kb-6.4.0-150600.23.100.1
  * kernel-64kb-devel-debuginfo-6.4.0-150600.23.100.1
  * dtb-lg-6.4.0-150600.23.100.1
  * dtb-apple-6.4.0-150600.23.100.1
  * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.100.1
  * ocfs2-kmp-64kb-6.4.0-150600.23.100.1
  * dtb-marvell-6.4.0-150600.23.100.1
  * kselftests-kmp-64kb-6.4.0-150600.23.100.1
  * gfs2-kmp-64kb-6.4.0-150600.23.100.1
  * dtb-hisilicon-6.4.0-150600.23.100.1
  * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.100.1
  * reiserfs-kmp-64kb-6.4.0-150600.23.100.1
  * kernel-64kb-extra-debuginfo-6.4.0-150600.23.100.1
  * dtb-exynos-6.4.0-150600.23.100.1
  * dtb-sprd-6.4.0-150600.23.100.1
  * dtb-apm-6.4.0-150600.23.100.1
  * dtb-amazon-6.4.0-150600.23.100.1
  * kernel-64kb-optional-6.4.0-150600.23.100.1
  * dtb-freescale-6.4.0-150600.23.100.1
  * kernel-64kb-extra-6.4.0-150600.23.100.1
  * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.100.1
  * dtb-arm-6.4.0-150600.23.100.1
  * dtb-amlogic-6.4.0-150600.23.100.1
  * dtb-nvidia-6.4.0-150600.23.100.1
  * dtb-allwinner-6.4.0-150600.23.100.1
  * dtb-rockchip-6.4.0-150600.23.100.1
  * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.100.1
  * dtb-broadcom-6.4.0-150600.23.100.1
  * kernel-64kb-debugsource-6.4.0-150600.23.100.1
  * cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.100.1
  * dtb-socionext-6.4.0-150600.23.100.1
  * dtb-xilinx-6.4.0-150600.23.100.1
  * dtb-qcom-6.4.0-150600.23.100.1
  * dtb-renesas-6.4.0-150600.23.100.1
  * dtb-amd-6.4.0-150600.23.100.1
  * kernel-64kb-debuginfo-6.4.0-150600.23.100.1
  * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.100.1
  * dlm-kmp-64kb-6.4.0-150600.23.100.1
  * dtb-cavium-6.4.0-150600.23.100.1
  * kernel-64kb-devel-6.4.0-150600.23.100.1
  * kernel-64kb-optional-debuginfo-6.4.0-150600.23.100.1
  * dtb-altera-6.4.0-150600.23.100.1
* openSUSE Leap 15.6 (aarch64 nosrc)
  * kernel-64kb-6.4.0-150600.23.100.1
* SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc)
  * kernel-default-6.4.0-150600.23.100.1
* SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64)
  * kernel-default-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-debugsource-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * dlm-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * kernel-syms-6.4.0-150600.23.100.1
  * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * dlm-kmp-default-6.4.0-150600.23.100.1
  * kernel-default-devel-debuginfo-6.4.0-150600.23.100.1
  * kernel-obs-build-6.4.0-150600.23.100.1
  * kernel-obs-build-debugsource-6.4.0-150600.23.100.1
  * ocfs2-kmp-default-6.4.0-150600.23.100.1
  * gfs2-kmp-default-6.4.0-150600.23.100.1
  * gfs2-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-devel-6.4.0-150600.23.100.1
  * cluster-md-kmp-default-6.4.0-150600.23.100.1
  * kernel-default-debugsource-6.4.0-150600.23.100.1
  * reiserfs-kmp-default-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 nosrc)
  * kernel-64kb-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64)
  * kernel-64kb-devel-debuginfo-6.4.0-150600.23.100.1
  * kernel-64kb-debuginfo-6.4.0-150600.23.100.1
  * kernel-64kb-devel-6.4.0-150600.23.100.1
  * kernel-64kb-debugsource-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64 nosrc)
  * kernel-default-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le x86_64)
  * kernel-default-base-6.4.0-150600.23.100.1.150600.12.46.2
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
  * kernel-devel-6.4.0-150600.23.100.1
  * kernel-source-6.4.0-150600.23.100.1
  * kernel-macros-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch nosrc)
  * kernel-docs-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (nosrc s390x)
  * kernel-zfcpdump-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (s390x)
  * kernel-zfcpdump-debugsource-6.4.0-150600.23.100.1
  * kernel-zfcpdump-debuginfo-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * dlm-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * kernel-syms-6.4.0-150600.23.100.1
  * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * dlm-kmp-default-6.4.0-150600.23.100.1
  * kernel-default-devel-debuginfo-6.4.0-150600.23.100.1
  * kernel-obs-build-6.4.0-150600.23.100.1
  * kernel-obs-build-debugsource-6.4.0-150600.23.100.1
  * ocfs2-kmp-default-6.4.0-150600.23.100.1
  * gfs2-kmp-default-6.4.0-150600.23.100.1
  * gfs2-kmp-default-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-base-6.4.0-150600.23.100.1.150600.12.46.2
  * kernel-default-debuginfo-6.4.0-150600.23.100.1
  * kernel-default-devel-6.4.0-150600.23.100.1
  * cluster-md-kmp-default-6.4.0-150600.23.100.1
  * kernel-default-debugsource-6.4.0-150600.23.100.1
  * reiserfs-kmp-default-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (nosrc ppc64le x86_64)
  * kernel-default-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
  * kernel-devel-6.4.0-150600.23.100.1
  * kernel-source-6.4.0-150600.23.100.1
  * kernel-macros-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch nosrc)
  * kernel-docs-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Live Patching 15-SP6 (nosrc)
  * kernel-default-6.4.0-150600.23.100.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_100-default-1-150600.13.5.1
  * kernel-livepatch-SLE15-SP6_Update_23-debugsource-1-150600.13.5.1
  * kernel-default-debuginfo-6.4.0-150600.23.100.1
  * kernel-livepatch-6_4_0-150600_23_100-default-debuginfo-1-150600.13.5.1
  * kernel-default-livepatch-6.4.0-150600.23.100.1
  * kernel-default-debugsource-6.4.0-150600.23.100.1
  * kernel-default-livepatch-devel-6.4.0-150600.23.100.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262573

From null at suse.de Mon May 4 08:38:16 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 08:38:16 -0000
Subject: SUSE-SU-2026:1670-1: important: Security update for the Linux Kernel
Message-ID: <177788389625.1375.15083996055340246990@dde0e951fc7e>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:1670-1
Release Date: 2026-05-02T05:53:43Z
Rating: important
References:

* bsc#1262573

Cross-References:

* CVE-2026-31431

CVSS scores:

* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix one security issue.

The following security issue was fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2026-1670=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1670=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1670=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1670=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1670=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-1670=1
* openSUSE Leap 15.5
  zypper in -t patch SUSE-2026-1670=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64 nosrc)
  * kernel-default-5.14.21-150500.55.149.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64)
  * kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * kernel-default-debugsource-5.14.21-150500.55.149.1
  * kernel-default-debuginfo-5.14.21-150500.55.149.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
  * kernel-macros-5.14.21-150500.55.149.1
  * kernel-source-5.14.21-150500.55.149.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2
  * gfs2-kmp-default-5.14.21-150500.55.149.1
  * gfs2-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * kernel-obs-build-5.14.21-150500.55.149.1
  * dlm-kmp-default-5.14.21-150500.55.149.1
  * ocfs2-kmp-default-5.14.21-150500.55.149.1
  * dlm-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * kernel-default-debuginfo-5.14.21-150500.55.149.1
  * kernel-default-debugsource-5.14.21-150500.55.149.1
  * kernel-obs-build-debugsource-5.14.21-150500.55.149.1
  * kernel-default-devel-5.14.21-150500.55.149.1
  * kernel-syms-5.14.21-150500.55.149.1
  * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * cluster-md-kmp-default-5.14.21-150500.55.149.1
  * kernel-default-devel-debuginfo-5.14.21-150500.55.149.1
  * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.149.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc)
  * kernel-64kb-5.14.21-150500.55.149.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64)
  * kernel-64kb-devel-debuginfo-5.14.21-150500.55.149.1
  * kernel-64kb-devel-5.14.21-150500.55.149.1
  * kernel-64kb-debuginfo-5.14.21-150500.55.149.1
  * kernel-64kb-debugsource-5.14.21-150500.55.149.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc x86_64)
  * kernel-default-5.14.21-150500.55.149.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
  * kernel-devel-5.14.21-150500.55.149.1
  * kernel-macros-5.14.21-150500.55.149.1
  * kernel-source-5.14.21-150500.55.149.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc)
  * kernel-docs-5.14.21-150500.55.149.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2
  * gfs2-kmp-default-5.14.21-150500.55.149.1
  * gfs2-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * kernel-obs-build-5.14.21-150500.55.149.1
  * dlm-kmp-default-5.14.21-150500.55.149.1
  * ocfs2-kmp-default-5.14.21-150500.55.149.1
  * dlm-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * kernel-default-debuginfo-5.14.21-150500.55.149.1
  * kernel-default-debugsource-5.14.21-150500.55.149.1
  * kernel-obs-build-debugsource-5.14.21-150500.55.149.1
  * kernel-default-devel-5.14.21-150500.55.149.1
  * kernel-syms-5.14.21-150500.55.149.1
  * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * cluster-md-kmp-default-5.14.21-150500.55.149.1
  * kernel-default-devel-debuginfo-5.14.21-150500.55.149.1
  * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.149.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc)
  * kernel-64kb-5.14.21-150500.55.149.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64)
  * kernel-64kb-devel-debuginfo-5.14.21-150500.55.149.1
  * kernel-64kb-devel-5.14.21-150500.55.149.1
  * kernel-64kb-debuginfo-5.14.21-150500.55.149.1
  * kernel-64kb-debugsource-5.14.21-150500.55.149.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc x86_64)
  * kernel-default-5.14.21-150500.55.149.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
  * kernel-devel-5.14.21-150500.55.149.1
  * kernel-macros-5.14.21-150500.55.149.1
  * kernel-source-5.14.21-150500.55.149.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc)
  * kernel-docs-5.14.21-150500.55.149.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * kernel-obs-build-5.14.21-150500.55.149.1
  * gfs2-kmp-default-5.14.21-150500.55.149.1
  * gfs2-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * ocfs2-kmp-default-5.14.21-150500.55.149.1
  * dlm-kmp-default-5.14.21-150500.55.149.1
  * dlm-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * kernel-default-debuginfo-5.14.21-150500.55.149.1
  * kernel-default-debugsource-5.14.21-150500.55.149.1
  * kernel-obs-build-debugsource-5.14.21-150500.55.149.1
  * kernel-default-devel-5.14.21-150500.55.149.1
  * kernel-syms-5.14.21-150500.55.149.1
  * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * cluster-md-kmp-default-5.14.21-150500.55.149.1
  * reiserfs-kmp-default-5.14.21-150500.55.149.1
  * kernel-default-devel-debuginfo-5.14.21-150500.55.149.1
  * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.149.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc)
  * kernel-64kb-5.14.21-150500.55.149.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64)
  * kernel-64kb-devel-debuginfo-5.14.21-150500.55.149.1
  * kernel-64kb-devel-5.14.21-150500.55.149.1
  * kernel-64kb-debuginfo-5.14.21-150500.55.149.1
  * kernel-64kb-debugsource-5.14.21-150500.55.149.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc)
  * kernel-default-5.14.21-150500.55.149.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64)
  * kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
  * kernel-devel-5.14.21-150500.55.149.1
  * kernel-macros-5.14.21-150500.55.149.1
  * kernel-source-5.14.21-150500.55.149.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc)
  * kernel-docs-5.14.21-150500.55.149.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x)
  * kernel-zfcpdump-5.14.21-150500.55.149.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (s390x)
  * kernel-zfcpdump-debuginfo-5.14.21-150500.55.149.1
  * kernel-zfcpdump-debugsource-5.14.21-150500.55.149.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2
  * gfs2-kmp-default-5.14.21-150500.55.149.1
  * gfs2-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * kernel-obs-build-5.14.21-150500.55.149.1
  * dlm-kmp-default-5.14.21-150500.55.149.1
  * ocfs2-kmp-default-5.14.21-150500.55.149.1
  * dlm-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * kernel-default-debuginfo-5.14.21-150500.55.149.1
  * kernel-default-debugsource-5.14.21-150500.55.149.1
  * kernel-obs-build-debugsource-5.14.21-150500.55.149.1
  * kernel-default-devel-5.14.21-150500.55.149.1
  * kernel-syms-5.14.21-150500.55.149.1
  * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.149.1
  * cluster-md-kmp-default-5.14.21-150500.55.149.1
  * reiserfs-kmp-default-5.14.21-150500.55.149.1
  * kernel-default-devel-debuginfo-5.14.21-150500.55.149.1
  * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.149.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le x86_64)
  * kernel-default-5.14.21-150500.55.149.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) *
kernel-devel-5.14.21-150500.55.149.1 * kernel-macros-5.14.21-150500.55.149.1 * kernel-source-5.14.21-150500.55.149.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.149.1 * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.149.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.14.21-150500.55.149.1 * kernel-default-debugsource-5.14.21-150500.55.149.1 * kernel-default-livepatch-5.14.21-150500.55.149.1 * kernel-default-debuginfo-5.14.21-150500.55.149.1 * kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1 * kernel-livepatch-SLE15-SP5_Update_38-debugsource-1-150500.11.5.1 * kernel-livepatch-5_14_21-150500_55_149-default-debuginfo-1-150500.11.5.1 * openSUSE Leap 15.5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.149.1 * openSUSE Leap 15.5 (noarch) * kernel-devel-5.14.21-150500.55.149.1 * kernel-source-vanilla-5.14.21-150500.55.149.1 * kernel-docs-html-5.14.21-150500.55.149.1 * kernel-macros-5.14.21-150500.55.149.1 * kernel-source-5.14.21-150500.55.149.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.149.1.150500.6.73.2 * kernel-kvmsmall-devel-5.14.21-150500.55.149.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.149.1 * kernel-default-base-rebuild-5.14.21-150500.55.149.1.150500.6.73.2 * kernel-kvmsmall-debuginfo-5.14.21-150500.55.149.1 * kernel-kvmsmall-debugsource-5.14.21-150500.55.149.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kernel-default-optional-5.14.21-150500.55.149.1 * kernel-default-debugsource-5.14.21-150500.55.149.1 * kernel-default-optional-debuginfo-5.14.21-150500.55.149.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.149.1 * gfs2-kmp-default-5.14.21-150500.55.149.1 * kernel-default-extra-5.14.21-150500.55.149.1 * kernel-default-devel-5.14.21-150500.55.149.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.149.1 * 
kselftests-kmp-default-5.14.21-150500.55.149.1 * kselftests-kmp-default-debuginfo-5.14.21-150500.55.149.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.149.1 * kernel-obs-qa-5.14.21-150500.55.149.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.149.1 * ocfs2-kmp-default-5.14.21-150500.55.149.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.149.1 * kernel-default-debuginfo-5.14.21-150500.55.149.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.149.1 * kernel-obs-build-5.14.21-150500.55.149.1 * dlm-kmp-default-5.14.21-150500.55.149.1 * kernel-default-extra-debuginfo-5.14.21-150500.55.149.1 * kernel-default-livepatch-5.14.21-150500.55.149.1 * kernel-obs-build-debugsource-5.14.21-150500.55.149.1 * kernel-syms-5.14.21-150500.55.149.1 * cluster-md-kmp-default-5.14.21-150500.55.149.1 * reiserfs-kmp-default-5.14.21-150500.55.149.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.149.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_149-default-1-150500.11.5.1 * kernel-default-livepatch-devel-5.14.21-150500.55.149.1 * kernel-livepatch-5_14_21-150500_55_149-default-debuginfo-1-150500.11.5.1 * kernel-livepatch-SLE15-SP5_Update_38-debugsource-1-150500.11.5.1 * openSUSE Leap 15.5 (x86_64) * kernel-kvmsmall-vdso-5.14.21-150500.55.149.1 * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.149.1 * kernel-default-vdso-debuginfo-5.14.21-150500.55.149.1 * kernel-default-vdso-5.14.21-150500.55.149.1 * openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150500.55.149.1 * openSUSE Leap 15.5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.149.1 * openSUSE Leap 15.5 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.149.1 * kernel-zfcpdump-debugsource-5.14.21-150500.55.149.1 * openSUSE Leap 15.5 (nosrc) * dtb-aarch64-5.14.21-150500.55.149.1 * openSUSE Leap 15.5 (aarch64) * dtb-cavium-5.14.21-150500.55.149.1 * dtb-hisilicon-5.14.21-150500.55.149.1 * 
gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.149.1 * kernel-64kb-optional-5.14.21-150500.55.149.1 * dtb-arm-5.14.21-150500.55.149.1 * kernel-64kb-optional-debuginfo-5.14.21-150500.55.149.1 * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.149.1 * dtb-nvidia-5.14.21-150500.55.149.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.149.1 * cluster-md-kmp-64kb-5.14.21-150500.55.149.1 * dtb-xilinx-5.14.21-150500.55.149.1 * dtb-amd-5.14.21-150500.55.149.1 * dtb-allwinner-5.14.21-150500.55.149.1 * dtb-marvell-5.14.21-150500.55.149.1 * kernel-64kb-devel-5.14.21-150500.55.149.1 * kernel-64kb-extra-5.14.21-150500.55.149.1 * ocfs2-kmp-64kb-5.14.21-150500.55.149.1 * dtb-amlogic-5.14.21-150500.55.149.1 * dtb-apm-5.14.21-150500.55.149.1 * dtb-exynos-5.14.21-150500.55.149.1 * dtb-mediatek-5.14.21-150500.55.149.1 * dtb-altera-5.14.21-150500.55.149.1 * dlm-kmp-64kb-5.14.21-150500.55.149.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.149.1 * dtb-sprd-5.14.21-150500.55.149.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.149.1 * dtb-rockchip-5.14.21-150500.55.149.1 * dtb-apple-5.14.21-150500.55.149.1 * dtb-renesas-5.14.21-150500.55.149.1 * gfs2-kmp-64kb-5.14.21-150500.55.149.1 * kernel-64kb-debugsource-5.14.21-150500.55.149.1 * kselftests-kmp-64kb-5.14.21-150500.55.149.1 * dtb-freescale-5.14.21-150500.55.149.1 * reiserfs-kmp-64kb-5.14.21-150500.55.149.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.149.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.149.1 * dtb-socionext-5.14.21-150500.55.149.1 * kernel-64kb-debuginfo-5.14.21-150500.55.149.1 * dtb-lg-5.14.21-150500.55.149.1 * dtb-broadcom-5.14.21-150500.55.149.1 * dtb-qcom-5.14.21-150500.55.149.1 * dtb-amazon-5.14.21-150500.55.149.1 * kernel-64kb-extra-debuginfo-5.14.21-150500.55.149.1 * openSUSE Leap 15.5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.149.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1262573 -------------- next part -------------- An HTML 
attachment was scrubbed... URL:

From null at suse.de Mon May 4 16:30:05 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 04 May 2026 16:30:05 -0000
Subject: SUSE-SU-2026:1671-2: important: Security update for the Linux Kernel
Message-ID: <177791220574.1800.8110198495906915794@9f1e1d6b19fe>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:1671-2
Release Date: 2026-05-04T09:19:32Z
Rating: important
References:

* bsc#1262573

Cross-References:

* CVE-2026-31431

CVSS scores:

* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix one security issue

The following security issue was fixed:

* CVE-2026-31431: The copy.fail security issue is fixed by reverting to operating out-of-place in algif_aead (bsc#1262573).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-1671=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-6.4.0-150600.23.100.1 * kernel-default-debuginfo-6.4.0-150600.23.100.1 * kernel-default-extra-debuginfo-6.4.0-150600.23.100.1 * kernel-default-debugsource-6.4.0-150600.23.100.1 * kernel-syms-6.4.0-150600.23.100.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.100.1 * gfs2-kmp-default-6.4.0-150600.23.100.1 * kernel-default-optional-debuginfo-6.4.0-150600.23.100.1 * kselftests-kmp-default-debuginfo-6.4.0-150600.23.100.1 * cluster-md-kmp-default-6.4.0-150600.23.100.1 * kernel-obs-qa-6.4.0-150600.23.100.1 * kernel-default-devel-6.4.0-150600.23.100.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.100.1 * dlm-kmp-default-6.4.0-150600.23.100.1 * kernel-obs-build-debugsource-6.4.0-150600.23.100.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.100.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.100.1 * reiserfs-kmp-default-6.4.0-150600.23.100.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.100.1 * kselftests-kmp-default-6.4.0-150600.23.100.1 * ocfs2-kmp-default-6.4.0-150600.23.100.1 * kernel-default-livepatch-6.4.0-150600.23.100.1 * kernel-default-optional-6.4.0-150600.23.100.1 * kernel-default-extra-6.4.0-150600.23.100.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (nosrc ppc64le x86_64) * kernel-debug-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (ppc64le x86_64) * kernel-debug-devel-debuginfo-6.4.0-150600.23.100.1 * kernel-debug-debugsource-6.4.0-150600.23.100.1 * kernel-debug-debuginfo-6.4.0-150600.23.100.1 * kernel-debug-devel-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (x86_64) * kernel-debug-vdso-debuginfo-6.4.0-150600.23.100.1 * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.100.1 * kernel-default-vdso-6.4.0-150600.23.100.1 * kernel-debug-vdso-6.4.0-150600.23.100.1 * kernel-kvmsmall-vdso-6.4.0-150600.23.100.1 * 
kernel-default-vdso-debuginfo-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.100.1 * kernel-default-base-6.4.0-150600.23.100.1.150600.12.46.2 * kernel-kvmsmall-devel-6.4.0-150600.23.100.1 * kernel-kvmsmall-debugsource-6.4.0-150600.23.100.1 * kernel-default-base-rebuild-6.4.0-150600.23.100.1.150600.12.46.2 * kernel-kvmsmall-debuginfo-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (noarch) * kernel-devel-6.4.0-150600.23.100.1 * kernel-docs-html-6.4.0-150600.23.100.1 * kernel-source-6.4.0-150600.23.100.1 * kernel-macros-6.4.0-150600.23.100.1 * kernel-source-vanilla-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (s390x) * kernel-zfcpdump-debuginfo-6.4.0-150600.23.100.1 * kernel-zfcpdump-debugsource-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (aarch64) * cluster-md-kmp-64kb-6.4.0-150600.23.100.1 * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.100.1 * dtb-nvidia-6.4.0-150600.23.100.1 * dtb-allwinner-6.4.0-150600.23.100.1 * kselftests-kmp-64kb-6.4.0-150600.23.100.1 * kernel-64kb-debugsource-6.4.0-150600.23.100.1 * kernel-64kb-extra-debuginfo-6.4.0-150600.23.100.1 * dtb-amlogic-6.4.0-150600.23.100.1 * dtb-lg-6.4.0-150600.23.100.1 * dtb-qcom-6.4.0-150600.23.100.1 * kernel-64kb-devel-6.4.0-150600.23.100.1 * gfs2-kmp-64kb-6.4.0-150600.23.100.1 * dtb-marvell-6.4.0-150600.23.100.1 * dtb-cavium-6.4.0-150600.23.100.1 * dtb-renesas-6.4.0-150600.23.100.1 * dtb-sprd-6.4.0-150600.23.100.1 * dtb-socionext-6.4.0-150600.23.100.1 * dtb-amazon-6.4.0-150600.23.100.1 * ocfs2-kmp-64kb-6.4.0-150600.23.100.1 * 
cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.100.1 * dtb-apple-6.4.0-150600.23.100.1 * dtb-mediatek-6.4.0-150600.23.100.1 * dtb-xilinx-6.4.0-150600.23.100.1 * dtb-exynos-6.4.0-150600.23.100.1 * kernel-64kb-optional-debuginfo-6.4.0-150600.23.100.1 * dtb-arm-6.4.0-150600.23.100.1 * dlm-kmp-64kb-6.4.0-150600.23.100.1 * dtb-broadcom-6.4.0-150600.23.100.1 * dtb-amd-6.4.0-150600.23.100.1 * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.100.1 * kernel-64kb-debuginfo-6.4.0-150600.23.100.1 * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.100.1 * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.100.1 * dtb-apm-6.4.0-150600.23.100.1 * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.100.1 * dtb-rockchip-6.4.0-150600.23.100.1 * kernel-64kb-optional-6.4.0-150600.23.100.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.100.1 * reiserfs-kmp-64kb-6.4.0-150600.23.100.1 * dtb-hisilicon-6.4.0-150600.23.100.1 * kernel-64kb-extra-6.4.0-150600.23.100.1 * dtb-freescale-6.4.0-150600.23.100.1 * dtb-altera-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (nosrc) * dtb-aarch64-6.4.0-150600.23.100.1 * openSUSE Leap 15.6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.100.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1262573 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue May 5 12:30:18 2026 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 May 2026 12:30:18 -0000 Subject: SUSE-SU-2026:1691-1: important: Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise 15 SP7) Message-ID: <177798421869.2105.6418496259270325783@dde0e951fc7e> # Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:1691-1 Release Date: 2026-05-05T07:04:40Z Rating: important References: * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities can now be installed. 
## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.28 fixes various security issues The following security issues were fixed: * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1691=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-6_4_0-150700_7_28-rt-debuginfo-5-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_8-debugsource-5-150700.2.1 * kernel-livepatch-6_4_0-150700_7_28-rt-5-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue May 5 12:30:26 2026 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 May 2026 12:30:26 -0000 Subject: SUSE-SU-2026:1689-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 15 SP7) Message-ID: <177798422656.2105.16913216808087285386@dde0e951fc7e> # Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:1689-1 Release Date: 2026-05-05T06:34:34Z Rating: important References: * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.31 fixes various security issues The following security issues were fixed: * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). 
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1689=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-6_4_0-150700_7_31-rt-4-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_9-debugsource-4-150700.2.1 * kernel-livepatch-6_4_0-150700_7_31-rt-debuginfo-4-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue May 5 12:30:29 2026 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 May 2026 12:30:29 -0000 Subject: SUSE-SU-2026:1690-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise 15 SP7) Message-ID: <177798422948.2105.16859416908578497696@dde0e951fc7e> # Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:1690-1 Release Date: 2026-05-05T06:34:37Z Rating: important References: * bsc#1263689 Cross-References: * CVE-2026-31431 CVSS scores: * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.37 fixes one security issue The following security issue was fixed: * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP7
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1690=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-1683=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP7 (x86_64)
  * kernel-livepatch-6_4_0-150700_7_37-rt-debuginfo-2-150700.2.1
  * kernel-livepatch-6_4_0-150700_7_37-rt-2-150700.2.1
  * kernel-livepatch-SLE15-SP7-RT_Update_11-debugsource-2-150700.2.1
  * kernel-livepatch-6_4_0-150700_7_34-rt-debuginfo-2-150700.2.1
  * kernel-livepatch-SLE15-SP7-RT_Update_10-debugsource-2-150700.2.1
  * kernel-livepatch-6_4_0-150700_7_34-rt-2-150700.2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Tue May 5 12:30:38 2026
From: null at suse.de (SLE-UPDATES)
Date: Tue, 05 May 2026 12:30:38 -0000
Subject: SUSE-SU-2026:1686-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise 15 SP7)
Message-ID: <177798423816.2105.6592530154765774192@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise 15 SP7)

Announcement ID: SUSE-SU-2026:1686-1
Release Date: 2026-05-05T06:34:31Z
Rating: important
References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD
): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Live Patching 15-SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.25 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP7
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1686=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-1681=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-1682=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-1687=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-1688=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP7 (x86_64)
  * kernel-livepatch-6_4_0-150700_7_19-rt-7-150700.2.1
  * kernel-livepatch-SLE15-SP7-RT_Update_6-debugsource-6-150700.2.1
  * kernel-livepatch-6_4_0-150700_7_25-rt-5-150700.2.1
  * kernel-livepatch-SLE15-SP7-RT_Update_3-debugsource-10-150700.2.1
  * kernel-livepatch-6_4_0-150700_7_16-rt-debuginfo-10-150700.2.1
  * kernel-livepatch-SLE15-SP7-RT_Update_5-debugsource-7-150700.2.1
  * kernel-livepatch-6_4_0-150700_7_13-rt-debuginfo-10-150700.2.1
  * kernel-livepatch-SLE15-SP7-RT_Update_4-debugsource-10-150700.2.1
  * kernel-livepatch-6_4_0-150700_7_16-rt-10-150700.2.1
  * kernel-livepatch-6_4_0-150700_7_19-rt-debuginfo-7-150700.2.1
  * kernel-livepatch-6_4_0-150700_7_22-rt-debuginfo-6-150700.2.1
  * kernel-livepatch-SLE15-SP7-RT_Update_7-debugsource-5-150700.2.1
  * kernel-livepatch-6_4_0-150700_7_25-rt-debuginfo-5-150700.2.1
  * kernel-livepatch-6_4_0-150700_7_22-rt-6-150700.2.1
  * kernel-livepatch-6_4_0-150700_7_13-rt-10-150700.2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Tue May 5 12:30:52 2026
From: null at suse.de (SLE-UPDATES)
Date: Tue, 05 May 2026 12:30:52 -0000
Subject: SUSE-SU-2026:1684-1: important: Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 15 SP7)
Message-ID: <177798425256.2105.15032106949087986198@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 15 SP7)

Announcement ID: SUSE-SU-2026:1684-1
Release Date: 2026-05-05T06:34:23Z
Rating: important
References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Live Patching 15-SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.8 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1684=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-1685=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-1680=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-6_4_0-150700_5-rt-debuginfo-15-150700.3.1 * kernel-livepatch-6_4_0-150700_5-rt-15-150700.3.1 * kernel-livepatch-6_4_0-150700_7_3-rt-debuginfo-15-150700.2.1 * kernel-livepatch-6_4_0-150700_7_8-rt-debuginfo-14-150700.2.1 * kernel-livepatch-6_4_0-150700_7_3-rt-15-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_2-debugsource-14-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_1-debugsource-15-150700.2.1 * kernel-livepatch-6_4_0-150700_7_8-rt-14-150700.2.1 * kernel-livepatch-SLE15-SP7-RT_Update_0-debugsource-15-150700.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258073 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Tue May 5 16:30:11 2026 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 May 2026 16:30:11 -0000 Subject: SUSE-SU-2026:1692-1: moderate: Security update for xen Message-ID: <177799861100.2418.1049867165774597768@1f74500a55eb> # Security update for xen Announcement ID: SUSE-SU-2026:1692-1 Release Date: 2026-05-05T08:03:59Z Rating: moderate References: * bsc#1262178 * bsc#1262180 * bsc#1262428 Cross-References: * CVE-2025-54505 * CVE-2026-23557 * CVE-2026-23558 CVSS scores: * CVE-2025-54505 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-54505 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-54505 ( NVD ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23557 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-23558 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23558 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves three vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 (bsc#1262428). * CVE-2026-23557: Xenstored DoS via XS_RESET_WATCHES command (bsc#1262178). * CVE-2026-23558: grant table v2 race in status page mapping (bsc#1262180). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1692=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1692=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1692=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1692=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1692=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * xen-debugsource-4.16.7_08-150400.4.81.2 * xen-libs-4.16.7_08-150400.4.81.2 * xen-libs-debuginfo-4.16.7_08-150400.4.81.2 * SUSE Linux Enterprise Micro 5.3 (x86_64) * xen-debugsource-4.16.7_08-150400.4.81.2 * xen-libs-4.16.7_08-150400.4.81.2 * xen-libs-debuginfo-4.16.7_08-150400.4.81.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * xen-debugsource-4.16.7_08-150400.4.81.2 * xen-libs-4.16.7_08-150400.4.81.2 * xen-libs-debuginfo-4.16.7_08-150400.4.81.2 * SUSE Linux Enterprise Micro 5.4 (x86_64) * xen-debugsource-4.16.7_08-150400.4.81.2 * xen-libs-4.16.7_08-150400.4.81.2 * xen-libs-debuginfo-4.16.7_08-150400.4.81.2 * openSUSE Leap 15.4 (aarch64 x86_64 i586) * xen-libs-debuginfo-4.16.7_08-150400.4.81.2 * xen-devel-4.16.7_08-150400.4.81.2 * xen-tools-domU-4.16.7_08-150400.4.81.2 * xen-tools-domU-debuginfo-4.16.7_08-150400.4.81.2 * xen-libs-4.16.7_08-150400.4.81.2 * xen-debugsource-4.16.7_08-150400.4.81.2 * openSUSE Leap 15.4 (x86_64) * xen-libs-32bit-debuginfo-4.16.7_08-150400.4.81.2 * xen-libs-32bit-4.16.7_08-150400.4.81.2 * openSUSE Leap 15.4 (aarch64 x86_64) * xen-tools-debuginfo-4.16.7_08-150400.4.81.2 * xen-doc-html-4.16.7_08-150400.4.81.2 * xen-4.16.7_08-150400.4.81.2 * xen-tools-4.16.7_08-150400.4.81.2 * openSUSE Leap 15.4 (noarch) * xen-tools-xendomains-wait-disk-4.16.7_08-150400.4.81.2 * openSUSE Leap 15.4 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.16.7_08-150400.4.81.2 * 
xen-libs-64bit-4.16.7_08-150400.4.81.2 ## References: * https://www.suse.com/security/cve/CVE-2025-54505.html * https://www.suse.com/security/cve/CVE-2026-23557.html * https://www.suse.com/security/cve/CVE-2026-23558.html * https://bugzilla.suse.com/show_bug.cgi?id=1262178 * https://bugzilla.suse.com/show_bug.cgi?id=1262180 * https://bugzilla.suse.com/show_bug.cgi?id=1262428 From null at suse.de Wed May 6 12:30:15 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 12:30:15 -0000 Subject: SUSE-SU-2026:1698-1: important: Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP7) Message-ID: <177807061581.1556.16609371227805394447@3b8fe1ea1822> # Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:1698-1 Release Date: 2026-05-06T01:49:45Z Rating: important References: * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected 
Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.28 fixes various security issues The following security issues were fixed: * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1698=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_53_28-default-5-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_8-debugsource-5-150700.2.1 * kernel-livepatch-6_4_0-150700_53_28-default-debuginfo-5-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Wed May 6 12:30:25 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 12:30:25 -0000 Subject: SUSE-SU-2026:1694-1: important: Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP7) Message-ID: <177807062522.1556.928674983164319100@3b8fe1ea1822> # Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:1694-1 Release Date: 2026-05-06T00:22:33Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves five vulnerabilities can now be installed. 
## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.25 fixes various security issues. The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1696=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-1697=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-1694=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-1695=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP7_Update_7-debugsource-5-150700.2.1 * kernel-livepatch-6_4_0-150700_53_22-default-debuginfo-5-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_6-debugsource-5-150700.2.1 * kernel-livepatch-6_4_0-150700_53_11-default-debuginfo-10-150700.2.1 * kernel-livepatch-6_4_0-150700_53_25-default-debuginfo-5-150700.2.1 * kernel-livepatch-6_4_0-150700_53_25-default-5-150700.2.1 * kernel-livepatch-6_4_0-150700_53_11-default-10-150700.2.1 * kernel-livepatch-6_4_0-150700_53_22-default-5-150700.2.1 * kernel-livepatch-6_4_0-150700_53_16-default-10-150700.2.1 * kernel-livepatch-6_4_0-150700_53_16-default-debuginfo-10-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_4-debugsource-10-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_3-debugsource-10-150700.2.1 ## References: * 
https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 From null at suse.de Wed May 6 12:30:29 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 12:30:29 -0000 Subject: SUSE-SU-2026:1702-1: important: Security update for libpng12 Message-ID: <177807062986.1556.1304644507753831175@3b8fe1ea1822> # Security update for libpng12 Announcement ID: SUSE-SU-2026:1702-1 Release Date: 2026-05-06T07:43:00Z Rating: important References: * bsc#1260754 * bsc#1261957 * jsc#PED-16191 Cross-References: * CVE-2026-33416 * CVE-2026-34757 CVSS scores: * CVE-2026-33416 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-33416 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-33416 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-34757 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-34757 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-34757 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities and contains one feature can now be installed. 
## Description: This update for libpng12 fixes the following issues: Update to version 1.2.59 (jsc#PED-16191). * CVE-2026-33416: use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` can lead to arbitrary code execution (bsc#1260754). * CVE-2026-34757: use-after-free in `png_set_PLTE`, `png_set_tRNS` and `png_set_hIST` can lead to corrupted chunk data and potential heap information disclosure (bsc#1261957). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-1702=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1702=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libpng12-0-1.2.59-20.14.1 * libpng12-devel-1.2.59-20.14.1 * libpng12-compat-devel-1.2.59-20.14.1 * libpng12-0-debuginfo-1.2.59-20.14.1 * libpng12-debugsource-1.2.59-20.14.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libpng12-0-32bit-1.2.59-20.14.1 * libpng12-0-debuginfo-32bit-1.2.59-20.14.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libpng12-0-debuginfo-32bit-1.2.59-20.14.1 * libpng12-0-1.2.59-20.14.1 * libpng12-devel-1.2.59-20.14.1 * libpng12-debugsource-1.2.59-20.14.1 * libpng12-compat-devel-1.2.59-20.14.1 * libpng12-0-debuginfo-1.2.59-20.14.1 * libpng12-0-32bit-1.2.59-20.14.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33416.html * https://www.suse.com/security/cve/CVE-2026-34757.html * https://bugzilla.suse.com/show_bug.cgi?id=1260754 * https://bugzilla.suse.com/show_bug.cgi?id=1261957 * https://jira.suse.com/browse/PED-16191 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Wed May 6 12:30:33 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 12:30:33 -0000 Subject: SUSE-SU-2026:1701-1: important: Security update for PackageKit Message-ID: <177807063309.1556.5895567432756905390@3b8fe1ea1822> # Security update for PackageKit Announcement ID: SUSE-SU-2026:1701-1 Release Date: 2026-05-06T07:42:47Z Rating: important References: * bsc#1262220 Cross-References: * CVE-2026-41651 CVSS scores: * CVE-2026-41651 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-41651 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-41651 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for PackageKit fixes the following issue: * CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE (bsc#1262220). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-1701=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1701=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * PackageKit-backend-zypp-1.1.3-24.23.1 * PackageKit-devel-1.1.3-24.23.1 * typelib-1_0-PackageKitGlib-1_0-1.1.3-24.23.1 * libpackagekit-glib2-18-debuginfo-1.1.3-24.23.1 * PackageKit-debuginfo-1.1.3-24.23.1 * libpackagekit-glib2-devel-1.1.3-24.23.1 * PackageKit-1.1.3-24.23.1 * PackageKit-debugsource-1.1.3-24.23.1 * libpackagekit-glib2-18-1.1.3-24.23.1 * PackageKit-devel-debuginfo-1.1.3-24.23.1 * PackageKit-backend-zypp-debuginfo-1.1.3-24.23.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * PackageKit-lang-1.1.3-24.23.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * PackageKit-backend-zypp-1.1.3-24.23.1 * PackageKit-devel-1.1.3-24.23.1 * typelib-1_0-PackageKitGlib-1_0-1.1.3-24.23.1 * libpackagekit-glib2-18-debuginfo-1.1.3-24.23.1 * PackageKit-debuginfo-1.1.3-24.23.1 * libpackagekit-glib2-devel-1.1.3-24.23.1 * PackageKit-1.1.3-24.23.1 * PackageKit-debugsource-1.1.3-24.23.1 * libpackagekit-glib2-18-1.1.3-24.23.1 * PackageKit-devel-debuginfo-1.1.3-24.23.1 * PackageKit-backend-zypp-debuginfo-1.1.3-24.23.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * PackageKit-lang-1.1.3-24.23.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41651.html * https://bugzilla.suse.com/show_bug.cgi?id=1262220 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Wed May 6 12:30:37 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 12:30:37 -0000 Subject: SUSE-SU-2026:1700-1: important: Security update for PackageKit Message-ID: <177807063731.1556.4007069083897138439@3b8fe1ea1822> # Security update for PackageKit Announcement ID: SUSE-SU-2026:1700-1 Release Date: 2026-05-06T07:42:37Z Rating: important References: * bsc#1262220 Cross-References: * CVE-2026-41651 CVSS scores: * CVE-2026-41651 ( SUSE ): 9.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2026-41651 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-41651 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for PackageKit fixes the following issue: * CVE-2026-41651: race condition allows for arbitrary RPM package installation as root and can lead to LPE (bsc#1262220). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1700=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1700=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1700=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1700=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1700=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-1.2.4-150400.3.31.1 * PackageKit-backend-dnf-1.2.4-150400.3.31.1 * PackageKit-gtk3-module-1.2.4-150400.3.31.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1 * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.31.1 * PackageKit-backend-dnf-debuginfo-1.2.4-150400.3.31.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.31.1 * PackageKit-devel-1.2.4-150400.3.31.1 * PackageKit-debugsource-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.31.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-18-1.2.4-150400.3.31.1 * PackageKit-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-1.2.4-150400.3.31.1 * PackageKit-debuginfo-1.2.4-150400.3.31.1 * openSUSE Leap 15.4 (noarch) * PackageKit-lang-1.2.4-150400.3.31.1 * PackageKit-branding-upstream-1.2.4-150400.3.31.1 * openSUSE Leap 15.4 (x86_64) * libpackagekit-glib2-18-32bit-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-32bit-1.2.4-150400.3.31.1 * libpackagekit-glib2-18-32bit-1.2.4-150400.3.31.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpackagekit-glib2-18-64bit-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-64bit-1.2.4-150400.3.31.1 * 
libpackagekit-glib2-18-64bit-1.2.4-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-1.2.4-150400.3.31.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.31.1 * PackageKit-devel-1.2.4-150400.3.31.1 * PackageKit-debugsource-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-18-1.2.4-150400.3.31.1 * PackageKit-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-1.2.4-150400.3.31.1 * PackageKit-debuginfo-1.2.4-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * PackageKit-lang-1.2.4-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-1.2.4-150400.3.31.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.31.1 * PackageKit-devel-1.2.4-150400.3.31.1 * PackageKit-debugsource-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-18-1.2.4-150400.3.31.1 * PackageKit-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-1.2.4-150400.3.31.1 * PackageKit-debuginfo-1.2.4-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * PackageKit-lang-1.2.4-150400.3.31.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-1.2.4-150400.3.31.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.31.1 * PackageKit-devel-1.2.4-150400.3.31.1 * PackageKit-debugsource-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-18-1.2.4-150400.3.31.1 * PackageKit-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-1.2.4-150400.3.31.1 * 
PackageKit-debuginfo-1.2.4-150400.3.31.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * PackageKit-lang-1.2.4-150400.3.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-devel-1.2.4-150400.3.31.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.31.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.31.1 * PackageKit-devel-1.2.4-150400.3.31.1 * PackageKit-debugsource-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.31.1 * libpackagekit-glib2-18-1.2.4-150400.3.31.1 * PackageKit-1.2.4-150400.3.31.1 * PackageKit-backend-zypp-1.2.4-150400.3.31.1 * PackageKit-debuginfo-1.2.4-150400.3.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * PackageKit-lang-1.2.4-150400.3.31.1 ## References: * https://www.suse.com/security/cve/CVE-2026-41651.html * https://bugzilla.suse.com/show_bug.cgi?id=1262220 -------------- next part -------------- An HTML attachment was scrubbed... 
From null at suse.de Wed May 6 12:30:40 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 12:30:40 -0000 Subject: SUSE-SU-2026:1699-1: moderate: Security update for sed Message-ID: <177807064067.1556.16387317695780561975@3b8fe1ea1822> # Security update for sed Announcement ID: SUSE-SU-2026:1699-1 Release Date: 2026-05-06T07:26:45Z Rating: moderate References: * bsc#1262144 Cross-References: * CVE-2026-5958 CVSS scores: * CVE-2026-5958 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:H/SI:H/SA:N * CVE-2026-5958 ( SUSE ): 6.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N * CVE-2026-5958 ( NVD ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for sed fixes the following issue: * CVE-2026-5958: a TOCTOU race can allow attacker-controlled content to be read and written to an unintended file (bsc#1262144). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1699=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * sed-4.2.2-7.6.1 * sed-debugsource-4.2.2-7.6.1 * sed-debuginfo-4.2.2-7.6.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * sed-lang-4.2.2-7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2026-5958.html * https://bugzilla.suse.com/show_bug.cgi?id=1262144 From null at suse.de Wed May 6 16:30:14 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 16:30:14 -0000 Subject: SUSE-SU-2026:1710-1: important: Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7) Message-ID: <177808501408.3066.8791965449720902781@9f1e1d6b19fe> # Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:1710-1 Release Date: 2026-05-06T11:38:10Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.19 fixes various security issues The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1710=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP7_Update_5-debugsource-7-150700.2.1 * kernel-livepatch-6_4_0-150700_53_19-default-7-150700.2.1 * kernel-livepatch-6_4_0-150700_53_19-default-debuginfo-7-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 
From null at suse.de Wed May 6 16:30:24 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 16:30:24 -0000
Subject: SUSE-SU-2026:1708-1: important: Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7)
Message-ID: <177808502483.3066.11644469892997110117@9f1e1d6b19fe>

# Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7)

Announcement ID: SUSE-SU-2026:1708-1
Release Date: 2026-05-06T11:04:11Z
Rating: important

References:
* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:
* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:
* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* SUSE Linux Enterprise Live Patching 15-SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.6 fixes various security issues.

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP7
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1709=1 SUSE-SLE-Module-Live-Patching-15-SP7-2026-1708=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150700_53_3-default-15-150700.2.1
  * kernel-livepatch-6_4_0-150700_53_6-default-debuginfo-14-150700.2.1
  * kernel-livepatch-6_4_0-150700_53_6-default-14-150700.2.1
  * kernel-livepatch-SLE15-SP7_Update_1-debugsource-15-150700.2.1
  * kernel-livepatch-SLE15-SP7_Update_2-debugsource-14-150700.2.1
  * kernel-livepatch-6_4_0-150700_53_3-default-debuginfo-15-150700.2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Wed May 6 16:30:28 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 16:30:28 -0000
Subject: SUSE-SU-2026:1706-1: important: Security update for the Linux Kernel (Live Patch 79 for SUSE Linux Enterprise 12 SP5)
Message-ID: <177808502823.3066.2916634440940175161@9f1e1d6b19fe>

# Security update for the Linux Kernel (Live Patch 79 for SUSE Linux Enterprise 12 SP5)

Announcement ID: SUSE-SU-2026:1706-1
Release Date: 2026-05-06T10:28:46Z
Rating: important

References:
* bsc#1263689

Cross-References:
* CVE-2026-31431

CVSS scores:
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 4.12.14-122.299 fixes one security issue.

The following security issue was fixed:

* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-1706=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_299-default-2-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Wed May 6 16:30:33 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 16:30:33 -0000
Subject: SUSE-FU-2026:1707-1: moderate: Feature update for aliyun-alinas-utils
Message-ID: <177808503396.3066.12612554672243218929@9f1e1d6b19fe>

# Feature update for aliyun-alinas-utils

Announcement ID: SUSE-FU-2026:1707-1
Release Date: 2026-05-06T10:30:18Z
Rating: moderate

References:
* jsc#PED-14574

Affected Products:
* openSUSE Leap 15.5
* Public Cloud Module 15-SP5
* Public Cloud Module 15-SP6
* Public Cloud Module 15-SP7
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that contains one feature can now be installed.

## Description:

This update for aliyun-alinas-utils fixes the following issues:

* New package implementation of aliyun-alinas-utils (jsc#PED-14574)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2026-1707=1
* Public Cloud Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2026-1707=1
* Public Cloud Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2026-1707=1
* Public Cloud Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2026-1707=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
  * aliyun-alinas-utils-2.2+20260207_0a55ca4-150500.11.3.1
* Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * aliyun-alinas-utils-2.2+20260207_0a55ca4-150500.11.3.1
* Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * aliyun-alinas-utils-2.2+20260207_0a55ca4-150500.11.3.1
* Public Cloud Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * aliyun-alinas-utils-2.2+20260207_0a55ca4-150500.11.3.1

## References:

* https://jira.suse.com/browse/PED-14574
From null at suse.de Wed May 6 16:30:46 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 16:30:46 -0000
Subject: SUSE-SU-2026:1705-1: important: Security update for java-21-openjdk
Message-ID: <177808504651.3066.12305996726144397236@9f1e1d6b19fe>

# Security update for java-21-openjdk

Announcement ID: SUSE-SU-2026:1705-1
Release Date: 2026-05-06T10:28:39Z
Rating: important

References:
* bsc#1259118
* bsc#1262490
* bsc#1262494
* bsc#1262495
* bsc#1262496
* bsc#1262497
* bsc#1262500
* bsc#1262501
* jsc#PED-15898

Cross-References:
* CVE-2026-22007
* CVE-2026-22013
* CVE-2026-22016
* CVE-2026-22018
* CVE-2026-22021
* CVE-2026-23865
* CVE-2026-34268
* CVE-2026-34282

CVSS scores:
* CVE-2026-22007 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22007 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22007 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22013 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22013 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22013 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22018 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22018 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22018 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22021 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-23865 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-23865 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-23865 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-34268 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34268 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34268 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34282 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34282 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34282 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves eight vulnerabilities and contains one feature can now be installed.

## Description:

This update for java-21-openjdk fixes the following issues:

Update to upstream tag jdk-21.0.11+10 (April 2026 CPU).

Security issues fixed:

* CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of accessible data (bsc#1262490).
* CVE-2026-22013: JGSS: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262494).
* CVE-2026-22016: JAXP: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262495).
* CVE-2026-22018: Libraries: unauthenticated attacker with network access via multiple protocols can cause a partial denial of service (bsc#1262496).
* CVE-2026-22021: JSSE: unauthenticated attacker with network access via HTTPS can cause a partial denial of service (bsc#1262497).
* CVE-2026-23865: freetype2: integer overflow in the `tt_var_load_item_variation_store` function allows for an out-of-bounds read when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts (bsc#1259118).
* CVE-2026-34268: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of data (bsc#1262500).
* CVE-2026-34282: Networking: unauthenticated attacker with network access via multiple protocols can cause a hang or frequently repeatable crash (bsc#1262501).

Other updates and bugfixes:

* Provide the timezone-java and tzdata-java (jsc#PED-15898).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1705=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1705=1
* openSUSE Leap 15.6
  zypper in -t patch SUSE-2026-1705=1
* Basesystem Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1705=1

## Package List:

* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * java-21-openjdk-devel-21.0.11.0-150600.3.26.1
  * java-21-openjdk-headless-21.0.11.0-150600.3.26.1
  * java-21-openjdk-21.0.11.0-150600.3.26.1
  * java-21-openjdk-debuginfo-21.0.11.0-150600.3.26.1
  * java-21-openjdk-headless-debuginfo-21.0.11.0-150600.3.26.1
  * java-21-openjdk-devel-debuginfo-21.0.11.0-150600.3.26.1
  * java-21-openjdk-debugsource-21.0.11.0-150600.3.26.1
  * java-21-openjdk-demo-21.0.11.0-150600.3.26.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * java-21-openjdk-devel-21.0.11.0-150600.3.26.1
  * java-21-openjdk-headless-21.0.11.0-150600.3.26.1
  * java-21-openjdk-21.0.11.0-150600.3.26.1
  * java-21-openjdk-debuginfo-21.0.11.0-150600.3.26.1
  * java-21-openjdk-headless-debuginfo-21.0.11.0-150600.3.26.1
  * java-21-openjdk-devel-debuginfo-21.0.11.0-150600.3.26.1
  * java-21-openjdk-debugsource-21.0.11.0-150600.3.26.1
  * java-21-openjdk-demo-21.0.11.0-150600.3.26.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * java-21-openjdk-devel-21.0.11.0-150600.3.26.1
  * java-21-openjdk-jmods-21.0.11.0-150600.3.26.1
  * java-21-openjdk-headless-21.0.11.0-150600.3.26.1
  * java-21-openjdk-src-21.0.11.0-150600.3.26.1
  * java-21-openjdk-21.0.11.0-150600.3.26.1
  * java-21-openjdk-debuginfo-21.0.11.0-150600.3.26.1
  * java-21-openjdk-headless-debuginfo-21.0.11.0-150600.3.26.1
  * java-21-openjdk-devel-debuginfo-21.0.11.0-150600.3.26.1
  * java-21-openjdk-debugsource-21.0.11.0-150600.3.26.1
  * java-21-openjdk-demo-21.0.11.0-150600.3.26.1
* openSUSE Leap 15.6 (noarch)
  * java-21-openjdk-javadoc-21.0.11.0-150600.3.26.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * java-21-openjdk-devel-21.0.11.0-150600.3.26.1
  * java-21-openjdk-headless-21.0.11.0-150600.3.26.1
  * java-21-openjdk-21.0.11.0-150600.3.26.1
  * java-21-openjdk-debuginfo-21.0.11.0-150600.3.26.1
  * java-21-openjdk-headless-debuginfo-21.0.11.0-150600.3.26.1
  * java-21-openjdk-devel-debuginfo-21.0.11.0-150600.3.26.1
  * java-21-openjdk-debugsource-21.0.11.0-150600.3.26.1
  * java-21-openjdk-demo-21.0.11.0-150600.3.26.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22007.html
* https://www.suse.com/security/cve/CVE-2026-22013.html
* https://www.suse.com/security/cve/CVE-2026-22016.html
* https://www.suse.com/security/cve/CVE-2026-22018.html
* https://www.suse.com/security/cve/CVE-2026-22021.html
* https://www.suse.com/security/cve/CVE-2026-23865.html
* https://www.suse.com/security/cve/CVE-2026-34268.html
* https://www.suse.com/security/cve/CVE-2026-34282.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259118
* https://bugzilla.suse.com/show_bug.cgi?id=1262490
* https://bugzilla.suse.com/show_bug.cgi?id=1262494
* https://bugzilla.suse.com/show_bug.cgi?id=1262495
* https://bugzilla.suse.com/show_bug.cgi?id=1262496
* https://bugzilla.suse.com/show_bug.cgi?id=1262497
* https://bugzilla.suse.com/show_bug.cgi?id=1262500
* https://bugzilla.suse.com/show_bug.cgi?id=1262501
* https://jira.suse.com/browse/PED-15898

From null at suse.de Wed May 6 16:31:01 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 16:31:01 -0000
Subject: SUSE-SU-2026:1704-1: important: Security update for java-25-openjdk
Message-ID: <177808506182.3066.9612704704468295466@9f1e1d6b19fe>

# Security update for java-25-openjdk

Announcement ID: SUSE-SU-2026:1704-1
Release Date: 2026-05-06T10:28:15Z
Rating: important

References:
* bsc#1259118
* bsc#1262490
* bsc#1262493
* bsc#1262494
* bsc#1262495
* bsc#1262496
* bsc#1262497
* bsc#1262500
* bsc#1262501
* jsc#PED-15898

Cross-References:
* CVE-2026-22007
* CVE-2026-22008
* CVE-2026-22013
* CVE-2026-22016
* CVE-2026-22018
* CVE-2026-22021
* CVE-2026-23865
* CVE-2026-34268
* CVE-2026-34282

CVSS scores:
* CVE-2026-22007 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22007 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22007 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22008 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22008 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-22008 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-22013 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22013 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22013 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22018 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22018 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22018 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22021 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-23865 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-23865 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-23865 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-34268 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34268 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34268 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34282 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34282 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34282 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
* Basesystem Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves nine vulnerabilities and contains one feature can now be installed.

## Description:

This update for java-25-openjdk fixes the following issues:

Update to upstream tag jdk-25.0.3+9 (April 2026 CPU).
Security issues fixed:

* CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of accessible data (bsc#1262490).
* CVE-2026-22008: Libraries: unauthenticated attacker with network access via multiple protocols can gain unauthorized update, insert or delete access to data (bsc#1262493).
* CVE-2026-22013: JGSS: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262494).
* CVE-2026-22016: JAXP: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262495).
* CVE-2026-22018: Libraries: unauthenticated attacker with network access via multiple protocols can cause a partial denial of service (bsc#1262496).
* CVE-2026-22021: JSSE: unauthenticated attacker with network access via HTTPS can cause a partial denial of service (bsc#1262497).
* CVE-2026-23865: freetype2: integer overflow in the `tt_var_load_item_variation_store` function allows for an out-of-bounds read when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts (bsc#1259118).
* CVE-2026-34268: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of data (bsc#1262500).
* CVE-2026-34282: Networking: unauthenticated attacker with network access via multiple protocols can cause a hang or frequently repeatable crash (bsc#1262501).

Other updates and bugfixes:

* Provide the timezone-java and tzdata-java (jsc#PED-15898).
* Migrate to the new logic of FIPS patch developed by Red Hat in https://github.com/rh-openjdk/jdk/tree/fips-25u.
* Add the sources of /nss-native-fips-key-import-export-adapter.
* This native library is an adapter for OpenJDK to use the NSS PKCS #11 software token (libsoftokn3.so) in FIPS mode.
* Allow overriding of gcc name.
* Don't make missing system crypto-policies fatal.
* Add create-crypto-properties-files.bash that generates during the build the config files for different fips and non-fips scenarios.
* Add TestSecurityProperties.java to test the loading of system security properties where applicable.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1704=1

## Package List:

* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * java-25-openjdk-25.0.3.0-150700.15.10.1
  * java-25-openjdk-headless-debuginfo-25.0.3.0-150700.15.10.1
  * java-25-openjdk-debuginfo-25.0.3.0-150700.15.10.1
  * java-25-openjdk-devel-debuginfo-25.0.3.0-150700.15.10.1
  * java-25-openjdk-demo-25.0.3.0-150700.15.10.1
  * java-25-openjdk-devel-25.0.3.0-150700.15.10.1
  * java-25-openjdk-headless-25.0.3.0-150700.15.10.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22007.html
* https://www.suse.com/security/cve/CVE-2026-22008.html
* https://www.suse.com/security/cve/CVE-2026-22013.html
* https://www.suse.com/security/cve/CVE-2026-22016.html
* https://www.suse.com/security/cve/CVE-2026-22018.html
* https://www.suse.com/security/cve/CVE-2026-22021.html
* https://www.suse.com/security/cve/CVE-2026-23865.html
* https://www.suse.com/security/cve/CVE-2026-34268.html
* https://www.suse.com/security/cve/CVE-2026-34282.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259118
* https://bugzilla.suse.com/show_bug.cgi?id=1262490
* https://bugzilla.suse.com/show_bug.cgi?id=1262493
* https://bugzilla.suse.com/show_bug.cgi?id=1262494
* https://bugzilla.suse.com/show_bug.cgi?id=1262495
* https://bugzilla.suse.com/show_bug.cgi?id=1262496
* https://bugzilla.suse.com/show_bug.cgi?id=1262497
* https://bugzilla.suse.com/show_bug.cgi?id=1262500
* https://bugzilla.suse.com/show_bug.cgi?id=1262501
* https://jira.suse.com/browse/PED-15898
From null at suse.de Wed May 6 16:31:15 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 16:31:15 -0000
Subject: SUSE-SU-2026:1703-1: important: Security update for java-11-openjdk
Message-ID: <177808507574.3066.18402922980499626165@9f1e1d6b19fe>

# Security update for java-11-openjdk

Announcement ID: SUSE-SU-2026:1703-1
Release Date: 2026-05-06T08:45:05Z
Rating: important

References:
* bsc#1259118
* bsc#1262490
* bsc#1262494
* bsc#1262495
* bsc#1262496
* bsc#1262497
* bsc#1262500
* bsc#1262501
* jsc#PED-15898

Cross-References:
* CVE-2026-22007
* CVE-2026-22013
* CVE-2026-22016
* CVE-2026-22018
* CVE-2026-22021
* CVE-2026-23865
* CVE-2026-34268
* CVE-2026-34282

CVSS scores:
* CVE-2026-22007 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22007 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22007 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22013 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22013 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22013 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22018 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22018 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22018 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22021 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-23865 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-23865 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-23865 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-34268 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34268 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34268 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34282 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34282 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34282 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves eight vulnerabilities and contains one feature can now be installed.

## Description:

This update for java-11-openjdk fixes the following issues:

Upgrade to upstream tag jdk-11.0.31+11 (April 2026 CPU).

Security issues fixed:

* CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of accessible data (bsc#1262490).
* CVE-2026-22013: JGSS: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262494).
* CVE-2026-22016: JAXP: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262495).
* CVE-2026-22018: Libraries: unauthenticated attacker with network access via multiple protocols can cause a partial denial of service (bsc#1262496).
* CVE-2026-22021: JSSE: unauthenticated attacker with network access via HTTPS can cause a partial denial of service (bsc#1262497).
* CVE-2026-23865: freetype2: integer overflow in the `tt_var_load_item_variation_store` function allows for an out-of-bounds read when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts (bsc#1259118).
* CVE-2026-34268: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of data (bsc#1262500).
* CVE-2026-34282: Networking: unauthenticated attacker with network access via multiple protocols can cause a hang or frequently repeatable crash (bsc#1262501).

Other updates and bugfixes:

* Provide the timezone-java and tzdata-java (jsc#PED-15898).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-1703=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1703=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * java-11-openjdk-headless-11.0.31.0-3.99.1
  * java-11-openjdk-debuginfo-11.0.31.0-3.99.1
  * java-11-openjdk-11.0.31.0-3.99.1
  * java-11-openjdk-demo-11.0.31.0-3.99.1
  * java-11-openjdk-devel-11.0.31.0-3.99.1
  * java-11-openjdk-debugsource-11.0.31.0-3.99.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * java-11-openjdk-headless-11.0.31.0-3.99.1
  * java-11-openjdk-debuginfo-11.0.31.0-3.99.1
  * java-11-openjdk-11.0.31.0-3.99.1
  * java-11-openjdk-demo-11.0.31.0-3.99.1
  * java-11-openjdk-devel-11.0.31.0-3.99.1
  * java-11-openjdk-debugsource-11.0.31.0-3.99.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22007.html
* https://www.suse.com/security/cve/CVE-2026-22013.html
* https://www.suse.com/security/cve/CVE-2026-22016.html
* https://www.suse.com/security/cve/CVE-2026-22018.html
* https://www.suse.com/security/cve/CVE-2026-22021.html
* https://www.suse.com/security/cve/CVE-2026-23865.html
* https://www.suse.com/security/cve/CVE-2026-34268.html
* https://www.suse.com/security/cve/CVE-2026-34282.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259118
* https://bugzilla.suse.com/show_bug.cgi?id=1262490
* https://bugzilla.suse.com/show_bug.cgi?id=1262494
* https://bugzilla.suse.com/show_bug.cgi?id=1262495
* https://bugzilla.suse.com/show_bug.cgi?id=1262496
* https://bugzilla.suse.com/show_bug.cgi?id=1262497
* https://bugzilla.suse.com/show_bug.cgi?id=1262500
* https://bugzilla.suse.com/show_bug.cgi?id=1262501
* https://jira.suse.com/browse/PED-15898

From null at suse.de Wed May 6 20:30:06 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:30:06 -0000
Subject: SUSE-SU-2026:21492-1: moderate: Security update for openCryptoki
Message-ID: <177809940601.3181.15363177275810657541@dde0e951fc7e>

# Security update for openCryptoki

Announcement ID: SUSE-SU-2026:21492-1
Release Date: 2026-05-05T13:42:13Z
Rating: moderate

References:
* bsc#1263819

Cross-References:
* CVE-2026-40253

CVSS scores:
* CVE-2026-40253 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-40253 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-40253 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-40253 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Affected Products:
* SUSE Linux Micro 6.0

An update that solves one vulnerability can now be installed.
## Description: This update for openCryptoki fixes the following issues: * CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects (bsc#1263819) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-697=1 ## Package List: * SUSE Linux Micro 6.0 (s390x) * openCryptoki-debugsource-3.23.0-3.1 * openCryptoki-3.23.0-3.1 * openCryptoki-debuginfo-3.23.0-3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40253.html * https://bugzilla.suse.com/show_bug.cgi?id=1263819
From null at suse.de Wed May 6 20:30:18 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 20:30:18 -0000 Subject: SUSE-SU-2026:21491-1: important: Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) Message-ID: <177809941810.3181.13783138795856429712@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21491-1 Release Date: 2026-05-05T14:59:28Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD
): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-396=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_13-debugsource-7-1.1 * kernel-livepatch-6_4_0-36-default-debuginfo-7-1.1 * kernel-livepatch-6_4_0-36-default-7-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Wed May 6 20:30:21 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 20:30:21 -0000 Subject: SUSE-SU-2026:21490-1: important: Security update for containerd Message-ID: <177809942115.3181.3551596509567188829@dde0e951fc7e> # Security update for containerd Announcement ID: SUSE-SU-2026:21490-1 Release Date: 2026-05-05T13:36:19Z Rating: important References: * bsc#1260296 Cross-References: * CVE-2026-33186 CVSS scores: * CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for containerd fixes the following issue: * CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2 `:path` pseudo-header (bsc#1260296).
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-696=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * containerd-1.7.29-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33186.html * https://bugzilla.suse.com/show_bug.cgi?id=1260296
From null at suse.de Wed May 6 20:30:24 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 20:30:24 -0000 Subject: SUSE-SU-2026:21489-1: important: Security update for the Linux Kernel RT (Live Patch 19 for SUSE Linux Enterprise Micro 6.0) Message-ID: <177809942449.3181.5680113465463267135@dde0e951fc7e> # Security update for the Linux Kernel RT (Live Patch 19 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21489-1 Release Date: 2026-05-05T13:18:14Z Rating: important References: * bsc#1263689 Cross-References: * CVE-2026-31431 CVSS scores: * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-41.1 fixes one security issue The following security issue was fixed: * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-393=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-6_4_0-41-rt-2-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_19-debugsource-2-1.1 * kernel-livepatch-6_4_0-41-rt-debuginfo-2-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Wed May 6 20:30:29 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 20:30:29 -0000 Subject: SUSE-SU-2026:21488-1: important: Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise Micro 6.0) Message-ID: <177809942923.3181.16937310464039883941@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21488-1 Release Date: 2026-05-05T13:15:02Z Rating: important References: * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes various security issues The following security issues were fixed: * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-395=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-40-default-3-1.1 * kernel-livepatch-6_4_0-40-default-debuginfo-3-1.1 * kernel-livepatch-MICRO-6-0_Update_17-debugsource-3-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Wed May 6 20:30:39 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 20:30:39 -0000 Subject: SUSE-SU-2026:21487-1: important: Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) Message-ID: <177809943997.3181.1669716366560617947@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21487-1 Release Date: 2026-05-05T13:15:02Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258073 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-38375 * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues The following security issues were fixed: * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073). * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-394=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_7-debugsource-17-1.2 * kernel-livepatch-6_4_0-29-default-17-1.2 * kernel-livepatch-6_4_0-29-default-debuginfo-17-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258073 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Wed May 6 20:30:45 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 20:30:45 -0000 Subject: SUSE-SU-2026:21486-1: important: Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0) Message-ID: <177809944561.3181.13798093282830773108@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21486-1 Release Date: 2026-05-05T13:12:42Z Rating: important References: * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues The following security issues were fixed: * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-392=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-MICRO-6-0_Update_16-debugsource-4-1.1 * kernel-livepatch-6_4_0-39-default-debuginfo-4-1.1 * kernel-livepatch-6_4_0-39-default-4-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Wed May 6 20:30:53 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 20:30:53 -0000 Subject: SUSE-SU-2026:21485-1: important: Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) Message-ID: <177809945382.3181.16277967026870648302@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21485-1 Release Date: 2026-05-05T13:12:42Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-391=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-38-default-debuginfo-5-1.2 * kernel-livepatch-6_4_0-38-default-5-1.2 * kernel-livepatch-MICRO-6-0_Update_14-debugsource-5-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Wed May 6 20:31:02 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 20:31:02 -0000 Subject: SUSE-SU-2026:21484-1: important: Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) Message-ID: <177809946256.3181.17640818989659434151@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21484-1 Release Date: 2026-05-05T13:12:42Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-390=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-35-default-debuginfo-9-1.1 * kernel-livepatch-6_4_0-35-default-9-1.1 * kernel-livepatch-MICRO-6-0_Update_12-debugsource-9-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Wed May 6 20:31:11 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 20:31:11 -0000 Subject: SUSE-SU-2026:21483-1: important: Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) Message-ID: <177809947129.3181.10990489788792970144@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21483-1 Release Date: 2026-05-05T13:09:59Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-389=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-34-default-debuginfo-9-1.1 * kernel-livepatch-MICRO-6-0_Update_11-debugsource-9-1.1 * kernel-livepatch-6_4_0-34-default-9-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Wed May 6 20:31:20 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 20:31:20 -0000 Subject: SUSE-SU-2026:21482-1: important: Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) Message-ID: <177809948001.3181.8483262533611694185@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21482-1 Release Date: 2026-05-05T13:09:59Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-388=1 ## Package List: * SUSE Linux Micro 6.0 (s390x x86_64) * kernel-livepatch-6_4_0-32-default-10-1.1 * kernel-livepatch-MICRO-6-0_Update_10-debugsource-10-1.1 * kernel-livepatch-6_4_0-32-default-debuginfo-10-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Wed May 6 20:31:29 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 20:31:29 -0000 Subject: SUSE-SU-2026:21481-1: important: Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) Message-ID: <177809948961.3181.3902508480139279902@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21481-1 Release Date: 2026-05-05T13:09:59Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258073 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-38375 * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39977 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues The following security issues were fixed: * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073). * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-387=1

## Package List:

* SUSE Linux Micro 6.0 (s390x x86_64)
  * kernel-livepatch-MICRO-6-0_Update_9-debugsource-16-1.2
  * kernel-livepatch-6_4_0-31-default-16-1.2
  * kernel-livepatch-6_4_0-31-default-debuginfo-16-1.2

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:31:39 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:31:39 -0000
Subject: SUSE-SU-2026:21480-1: important: Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809949957.3181.13850750086378964557@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21480-1
Release Date: 2026-05-05T13:09:59Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues.

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-386=1

## Package List:

* SUSE Linux Micro 6.0 (s390x x86_64)
  * kernel-livepatch-6_4_0-30-default-debuginfo-16-1.2
  * kernel-livepatch-6_4_0-30-default-16-1.2
  * kernel-livepatch-MICRO-6-0_Update_8-debugsource-16-1.2

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:31:49 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:31:49 -0000
Subject: SUSE-SU-2026:21479-1: important: Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809950959.3181.5355694631190425458@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21479-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues.

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-385=1

## Package List:

* SUSE Linux Micro 6.0 (s390x x86_64)
  * kernel-livepatch-6_4_0-28-default-debuginfo-18-3.1
  * kernel-livepatch-MICRO-6-0_Update_6-debugsource-18-3.1
  * kernel-livepatch-6_4_0-28-default-18-3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:31:53 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:31:53 -0000
Subject: SUSE-SU-2026:21478-1: important: Security update for the Linux Kernel RT (Live Patch 18 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809951390.3181.9006647583824658705@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 18 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21478-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves two vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes various security issues.

The following security issues were fixed:

* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-384=1

## Package List:

* SUSE Linux Micro 6.0 (x86_64)
  * kernel-livepatch-MICRO-6-0-RT_Update_18-debugsource-3-1.1
  * kernel-livepatch-6_4_0-40-rt-3-1.1
  * kernel-livepatch-6_4_0-40-rt-debuginfo-3-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:32:02 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:32:02 -0000
Subject: SUSE-SU-2026:21477-1: important: Security update for the Linux Kernel RT (Live Patch 15 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809952235.3181.10324845444566032270@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 15 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21477-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues.

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-383=1

## Package List:

* SUSE Linux Micro 6.0 (x86_64)
  * kernel-livepatch-6_4_0-39-rt-4-1.1
  * kernel-livepatch-6_4_0-39-rt-debuginfo-4-1.1
  * kernel-livepatch-MICRO-6-0-RT_Update_15-debugsource-4-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:32:10 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:32:10 -0000
Subject: SUSE-SU-2026:21476-1: important: Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809953077.3181.713297382203021385@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21476-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues.

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-382=1

## Package List:

* SUSE Linux Micro 6.0 (x86_64)
  * kernel-livepatch-6_4_0-38-rt-5-1.1
  * kernel-livepatch-MICRO-6-0-RT_Update_14-debugsource-5-1.1
  * kernel-livepatch-6_4_0-38-rt-debuginfo-5-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:32:19 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:32:19 -0000
Subject: SUSE-SU-2026:21475-1: important: Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809953924.3181.1028006487939139809@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21475-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-37.1 fixes various security issues.

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-381=1

## Package List:

* SUSE Linux Micro 6.0 (x86_64)
  * kernel-livepatch-MICRO-6-0-RT_Update_13-debugsource-5-1.1
  * kernel-livepatch-6_4_0-37-rt-5-1.1
  * kernel-livepatch-6_4_0-37-rt-debuginfo-5-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:32:27 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:32:27 -0000
Subject: SUSE-SU-2026:21474-1: important: Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809954790.3181.8448656439996318276@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21474-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues.

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-380=1

## Package List:

* SUSE Linux Micro 6.0 (x86_64)
  * kernel-livepatch-6_4_0-36-rt-debuginfo-9-1.1
  * kernel-livepatch-6_4_0-36-rt-9-1.1
  * kernel-livepatch-MICRO-6-0-RT_Update_12-debugsource-9-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:32:36 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:32:36 -0000
Subject: SUSE-SU-2026:21473-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809955628.3181.283552092645490655@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21473-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues.

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-379=1

## Package List:

* SUSE Linux Micro 6.0 (x86_64)
  * kernel-livepatch-MICRO-6-0-RT_Update_11-debugsource-10-1.1
  * kernel-livepatch-6_4_0-35-rt-10-1.1
  * kernel-livepatch-6_4_0-35-rt-debuginfo-10-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:32:46 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:32:46 -0000
Subject: SUSE-SU-2026:21472-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809956662.3181.15963332671424942230@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21472-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues.

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-kernel-378=1 ## Package List: * SUSE Linux Micro 6.0 (x86_64) * kernel-livepatch-MICRO-6-0-RT_Update_10-debugsource-14-1.1 * kernel-livepatch-6_4_0-34-rt-14-1.1 * kernel-livepatch-6_4_0-34-rt-debuginfo-14-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258073 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 

From null at suse.de Wed May 6 20:32:56 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:32:56 -0000
Subject: SUSE-SU-2026:21471-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809957663.3181.2220810960099250806@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21471-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-377=1

## Package List:

* SUSE Linux Micro 6.0 (x86_64)
  * kernel-livepatch-MICRO-6-0-RT_Update_9-debugsource-14-1.2
  * kernel-livepatch-6_4_0-33-rt-14-1.2
  * kernel-livepatch-6_4_0-33-rt-debuginfo-14-1.2

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:33:06 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:33:06 -0000
Subject: SUSE-SU-2026:21470-1: important: Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809958643.3181.6254648658296873599@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21470-1
Release Date: 2026-05-05T13:07:20Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-376=1

## Package List:

* SUSE Linux Micro 6.0 (x86_64)
  * kernel-livepatch-MICRO-6-0-RT_Update_8-debugsource-16-1.2
  * kernel-livepatch-6_4_0-31-rt-debuginfo-16-1.2
  * kernel-livepatch-6_4_0-31-rt-16-1.2

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:33:16 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:33:16 -0000
Subject: SUSE-SU-2026:21469-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809959627.3181.1536251473948984139@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21469-1
Release Date: 2026-05-05T13:07:20Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-375=1

## Package List:

* SUSE Linux Micro 6.0 (x86_64)
  * kernel-livepatch-6_4_0-30-rt-17-1.3
  * kernel-livepatch-MICRO-6-0-RT_Update_7-debugsource-17-1.3
  * kernel-livepatch-6_4_0-30-rt-debuginfo-17-1.3

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:33:26 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:33:26 -0000
Subject: SUSE-SU-2026:21468-1: important: Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809960631.3181.3679193918662378668@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21468-1
Release Date: 2026-05-05T13:07:20Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-374=1

## Package List:

* SUSE Linux Micro 6.0 (x86_64)
  * kernel-livepatch-6_4_0-28-rt-debuginfo-17-3.1
  * kernel-livepatch-MICRO-6-0-RT_Update_6-debugsource-17-3.1
  * kernel-livepatch-6_4_0-28-rt-17-3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:33:29 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:33:29 -0000
Subject: SUSE-SU-2026:21467-1: important: Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177809960969.3181.8106409918927752065@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21467-1
Release Date: 2026-05-05T12:49:59Z
Rating: important

References:

* bsc#1263689

Cross-References:

* CVE-2026-31431

CVSS scores:

* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.0

An update that solves one vulnerability can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-41.1 fixes one security issue

The following security issue was fixed:

* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-373=1

## Package List:

* SUSE Linux Micro 6.0 (s390x x86_64)
  * kernel-livepatch-6_4_0-41-default-2-1.1
  * kernel-livepatch-MICRO-6-0_Update_18-debugsource-2-1.1
  * kernel-livepatch-6_4_0-41-default-debuginfo-2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:33:32 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:33:32 -0000
Subject: SUSE-RU-2026:21466-1: moderate: Recommended update for lifecycle-data-sle-module-live-patching
Message-ID: <177809961268.3181.15002884589807532150@dde0e951fc7e>

# Recommended update for lifecycle-data-sle-module-live-patching

Announcement ID: SUSE-RU-2026:21466-1
Release Date: 2026-05-04T13:18:15Z
Rating: moderate

References:

* bsc#1020320

Affected Products:

* SUSE Linux Micro 6.0

An update that has one fix can now be installed.

## Description:

This update for lifecycle-data-sle-module-live-patching fixes the following issues:

* Added data for 6_4_0-38, 6_4_0-39, 6_4_0-40, 6_4_0-41. (bsc#1020320)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  zypper in -t patch SUSE-SLE-Micro-6.0-kernel-372=1

## Package List:

* SUSE Linux Micro 6.0 (noarch)
  * lifecycle-data-sle-module-live-patching-6-7.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1020320

From null at suse.de Wed May 6 20:33:35 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:33:35 -0000
Subject: SUSE-SU-2026:1724-1: important: Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP7)
Message-ID: <177809961547.3181.9361605691232889934@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP7)

Announcement ID: SUSE-SU-2026:1724-1
Release Date: 2026-05-06T15:05:00Z
Rating: important

References:

* bsc#1263689

Cross-References:

* CVE-2026-31431

CVSS scores:

* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Live Patching 15-SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.34 fixes one security issue

The following security issue was fixed:

* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP7
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1724=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150700_53_34-default-debuginfo-2-150700.2.1
  * kernel-livepatch-6_4_0-150700_53_34-default-2-150700.2.1
  * kernel-livepatch-SLE15-SP7_Update_10-debugsource-2-150700.2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:33:44 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:33:44 -0000
Subject: SUSE-SU-2026:1718-1: important: Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)
Message-ID: <177809962433.3181.874200157219375927@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 40 for SUSE Linux Enterprise 15 SP4)

Announcement ID: SUSE-SU-2026:1718-1
Release Date: 2026-05-06T12:33:52Z
Rating: important

References:

* bsc#1252048
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.164 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2026-1718=1
* SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1718=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP4_Update_40-debugsource-18-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-18-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_164-default-18-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP4_Update_40-debugsource-18-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_164-default-debuginfo-18-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_164-default-18-150400.2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Wed May 6 20:33:49 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:33:49 -0000
Subject: SUSE-SU-2026:1723-1: moderate: Security update for openCryptoki
Message-ID: <177809962926.3181.239148236020463967@dde0e951fc7e>

# Security update for openCryptoki

Announcement ID: SUSE-SU-2026:1723-1
Release Date: 2026-05-06T14:57:31Z
Rating: moderate

References:

* bsc#1263819

Cross-References:

* CVE-2026-40253

CVSS scores:

* CVE-2026-40253 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-40253 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-40253 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-40253 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise Micro 5.5

An update that solves one vulnerability can now be installed.

## Description:

This update for openCryptoki fixes the following issues:

* CVE-2026-40253: updated fix by IBM for malformed BER-encoded cryptographic objects (bsc#1263819)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2026-1723=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2026-1723=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
  * openCryptoki-devel-debuginfo-3.23.0-150500.3.18.1
  * openCryptoki-3.23.0-150500.3.18.1
  * openCryptoki-debuginfo-3.23.0-150500.3.18.1
  * openCryptoki-debugsource-3.23.0-150500.3.18.1
  * openCryptoki-devel-3.23.0-150500.3.18.1
* openSUSE Leap 15.5 (i586)
  * openCryptoki-32bit-debuginfo-3.23.0-150500.3.18.1
  * openCryptoki-32bit-3.23.0-150500.3.18.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * openCryptoki-64bit-3.23.0-150500.3.18.1
  * openCryptoki-64bit-debuginfo-3.23.0-150500.3.18.1
* SUSE Linux Enterprise Micro 5.5 (s390x)
  * openCryptoki-debuginfo-3.23.0-150500.3.18.1
  * openCryptoki-3.23.0-150500.3.18.1
  * openCryptoki-debugsource-3.23.0-150500.3.18.1

## References:

* https://www.suse.com/security/cve/CVE-2026-40253.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263819
URL: From null at suse.de Wed May 6 20:33:54 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 May 2026 20:33:54 -0000 Subject: SUSE-RU-2026:1721-1: important: Recommended update for cloud-netconfig Message-ID: <177809963484.3181.10271305060356908648@dde0e951fc7e> # Recommended update for cloud-netconfig Announcement ID: SUSE-RU-2026:1721-1 Release Date: 2026-05-06T14:44:15Z Rating: important References: * bsc#1253223 * bsc#1258406 * bsc#1258730 Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * Public Cloud Module 15-SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has three fixes can now be installed. 
## Description:

This update for cloud-netconfig fixes the following issues:

  * Update to version 1.19:
    * Make sure IPADDR variable is stripped of netmask
  * Update to version 1.18:
    * Fix issue with link-local address routing (bsc#1258730)
  * Update to version 1.17:
    * Do not set broadcast address explicitly (bsc#1258406)
  * Update to version 1.16:
    * Fix query of default CLOUD_NETCONFIG_MANAGE (bsc#1253223)
    * Fix variable names in the README

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6
    zypper in -t patch openSUSE-SLE-15.6-2026-1721=1
  * SUSE Linux Enterprise Micro for Rancher 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2026-1721=1
  * SUSE Linux Enterprise Micro 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2026-1721=1
  * SUSE Linux Enterprise Micro for Rancher 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2026-1721=1
  * SUSE Linux Enterprise Micro 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2026-1721=1
  * SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2026-1721=1
  * Public Cloud Module 15-SP4
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-1721=1
  * Public Cloud Module 15-SP5
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2026-1721=1
  * Public Cloud Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2026-1721=1
  * Public Cloud Module 15-SP7
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2026-1721=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * cloud-netconfig-ec2-1.19-150000.25.31.1
    * cloud-netconfig-gce-1.19-150000.25.31.1
    * cloud-netconfig-azure-1.19-150000.25.31.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
    * cloud-netconfig-ec2-1.19-150000.25.31.1
    * cloud-netconfig-gce-1.19-150000.25.31.1
    * cloud-netconfig-azure-1.19-150000.25.31.1
  * SUSE Linux Enterprise Micro 5.3 (noarch)
    * cloud-netconfig-ec2-1.19-150000.25.31.1
    * cloud-netconfig-gce-1.19-150000.25.31.1
    * cloud-netconfig-azure-1.19-150000.25.31.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
    * cloud-netconfig-ec2-1.19-150000.25.31.1
    * cloud-netconfig-gce-1.19-150000.25.31.1
    * cloud-netconfig-azure-1.19-150000.25.31.1
  * SUSE Linux Enterprise Micro 5.4 (noarch)
    * cloud-netconfig-ec2-1.19-150000.25.31.1
    * cloud-netconfig-gce-1.19-150000.25.31.1
    * cloud-netconfig-azure-1.19-150000.25.31.1
  * SUSE Linux Enterprise Micro 5.5 (noarch)
    * cloud-netconfig-ec2-1.19-150000.25.31.1
    * cloud-netconfig-gce-1.19-150000.25.31.1
    * cloud-netconfig-azure-1.19-150000.25.31.1
  * Public Cloud Module 15-SP4 (noarch)
    * cloud-netconfig-ec2-1.19-150000.25.31.1
    * cloud-netconfig-gce-1.19-150000.25.31.1
    * cloud-netconfig-azure-1.19-150000.25.31.1
  * Public Cloud Module 15-SP5 (noarch)
    * cloud-netconfig-ec2-1.19-150000.25.31.1
    * cloud-netconfig-gce-1.19-150000.25.31.1
    * cloud-netconfig-azure-1.19-150000.25.31.1
  * Public Cloud Module 15-SP6 (noarch)
    * cloud-netconfig-ec2-1.19-150000.25.31.1
    * cloud-netconfig-gce-1.19-150000.25.31.1
    * cloud-netconfig-azure-1.19-150000.25.31.1
  * Public Cloud Module 15-SP7 (noarch)
    * cloud-netconfig-ec2-1.19-150000.25.31.1
    * cloud-netconfig-gce-1.19-150000.25.31.1
    * cloud-netconfig-azure-1.19-150000.25.31.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1253223
  * https://bugzilla.suse.com/show_bug.cgi?id=1258406
  * https://bugzilla.suse.com/show_bug.cgi?id=1258730

From null at suse.de Wed May 6 20:33:57 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:33:57 -0000
Subject: SUSE-RU-2026:1720-1: important: Recommended update for sssd
Message-ID: <177809963781.3181.9708750205617017126@dde0e951fc7e>

# Recommended update for sssd

Announcement ID: SUSE-RU-2026:1720-1
Release Date: 2026-05-06T14:42:59Z
Rating: important
References:

  * bsc#1259436

Affected Products:

  * openSUSE Leap 15.6
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server 15 SP6 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that has one fix can now be installed.

## Description:

This update for sssd fixes the following issues:

  * With the 2.10 update sssd runs under unprivileged user which is not possible
    in certain scenarios. This update reverts to run as root with minimum
    privileges (bsc#1259436);
  * Let krb5 child tolerate missing capabilities;
  * Fix systemd try-restart warning when updating

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6
    zypper in -t patch SUSE-2026-1720=1
  * SUSE Linux Enterprise Server 15 SP6 LTSS
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1720=1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1720=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * sssd-ad-debuginfo-2.10.2-150600.3.47.1
    * sssd-ipa-debuginfo-2.10.2-150600.3.47.1
    * libsss_simpleifp0-debuginfo-2.10.2-150600.3.47.1
    * libsss_simpleifp-devel-2.10.2-150600.3.47.1
    * sssd-krb5-common-debuginfo-2.10.2-150600.3.47.1
    * python3-sss_nss_idmap-2.10.2-150600.3.47.1
    * sssd-ad-2.10.2-150600.3.47.1
    * libsss_certmap-devel-2.10.2-150600.3.47.1
    * sssd-krb5-debuginfo-2.10.2-150600.3.47.1
    * libipa_hbac-devel-2.10.2-150600.3.47.1
    * sssd-kcm-debuginfo-2.10.2-150600.3.47.1
    * sssd-ldap-debuginfo-2.10.2-150600.3.47.1
    * python3-ipa_hbac-2.10.2-150600.3.47.1
    * libnfsidmap-sss-2.10.2-150600.3.47.1
    * libsss_simpleifp0-2.10.2-150600.3.47.1
    * sssd-tools-2.10.2-150600.3.47.1
    * sssd-proxy-2.10.2-150600.3.47.1
    * libsss_idmap-devel-2.10.2-150600.3.47.1
    * sssd-ipa-2.10.2-150600.3.47.1
    * sssd-ldap-2.10.2-150600.3.47.1
    * sssd-dbus-2.10.2-150600.3.47.1
    * libipa_hbac0-debuginfo-2.10.2-150600.3.47.1
    * sssd-krb5-common-2.10.2-150600.3.47.1
    * sssd-krb5-2.10.2-150600.3.47.1
    * sssd-proxy-debuginfo-2.10.2-150600.3.47.1
    * python3-sss-murmur-2.10.2-150600.3.47.1
    * python3-sssd-config-debuginfo-2.10.2-150600.3.47.1
    * sssd-2.10.2-150600.3.47.1
    * libipa_hbac0-2.10.2-150600.3.47.1
    * libsss_idmap0-debuginfo-2.10.2-150600.3.47.1
    * libsss_nss_idmap0-2.10.2-150600.3.47.1
    * libnfsidmap-sss-debuginfo-2.10.2-150600.3.47.1
    * sssd-winbind-idmap-2.10.2-150600.3.47.1
    * sssd-winbind-idmap-debuginfo-2.10.2-150600.3.47.1
    * sssd-kcm-2.10.2-150600.3.47.1
    * sssd-dbus-debuginfo-2.10.2-150600.3.47.1
    * sssd-tools-debuginfo-2.10.2-150600.3.47.1
    * python3-ipa_hbac-debuginfo-2.10.2-150600.3.47.1
    * sssd-debugsource-2.10.2-150600.3.47.1
    * python3-sss_nss_idmap-debuginfo-2.10.2-150600.3.47.1
    * libsss_idmap0-2.10.2-150600.3.47.1
    * python3-sssd-config-2.10.2-150600.3.47.1
    * python3-sss-murmur-debuginfo-2.10.2-150600.3.47.1
    * libsss_certmap0-debuginfo-2.10.2-150600.3.47.1
    * libsss_nss_idmap0-debuginfo-2.10.2-150600.3.47.1
    * libsss_certmap0-2.10.2-150600.3.47.1
    * sssd-debuginfo-2.10.2-150600.3.47.1
    * libsss_nss_idmap-devel-2.10.2-150600.3.47.1
  * openSUSE Leap 15.6 (x86_64)
    * sssd-32bit-debuginfo-2.10.2-150600.3.47.1
    * sssd-32bit-2.10.2-150600.3.47.1
  * openSUSE Leap 15.6 (aarch64_ilp32)
    * sssd-64bit-debuginfo-2.10.2-150600.3.47.1
    * sssd-64bit-2.10.2-150600.3.47.1
  * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
    * sssd-ad-debuginfo-2.10.2-150600.3.47.1
    * sssd-ipa-debuginfo-2.10.2-150600.3.47.1
    * libsss_simpleifp0-debuginfo-2.10.2-150600.3.47.1
    * libsss_simpleifp-devel-2.10.2-150600.3.47.1
    * sssd-krb5-common-debuginfo-2.10.2-150600.3.47.1
    * sssd-ad-2.10.2-150600.3.47.1
    * libsss_certmap-devel-2.10.2-150600.3.47.1
    * sssd-krb5-debuginfo-2.10.2-150600.3.47.1
    * libipa_hbac-devel-2.10.2-150600.3.47.1
    * sssd-kcm-debuginfo-2.10.2-150600.3.47.1
    * sssd-ldap-debuginfo-2.10.2-150600.3.47.1
    * libsss_simpleifp0-2.10.2-150600.3.47.1
    * sssd-tools-2.10.2-150600.3.47.1
    * sssd-proxy-2.10.2-150600.3.47.1
    * libsss_idmap-devel-2.10.2-150600.3.47.1
    * sssd-ipa-2.10.2-150600.3.47.1
    * sssd-ldap-2.10.2-150600.3.47.1
    * sssd-dbus-2.10.2-150600.3.47.1
    * libipa_hbac0-debuginfo-2.10.2-150600.3.47.1
    * sssd-krb5-common-2.10.2-150600.3.47.1
    * sssd-krb5-2.10.2-150600.3.47.1
    * sssd-proxy-debuginfo-2.10.2-150600.3.47.1
    * python3-sssd-config-debuginfo-2.10.2-150600.3.47.1
    * sssd-2.10.2-150600.3.47.1
    * libipa_hbac0-2.10.2-150600.3.47.1
    * libsss_idmap0-debuginfo-2.10.2-150600.3.47.1
    * libsss_nss_idmap0-2.10.2-150600.3.47.1
    * sssd-winbind-idmap-2.10.2-150600.3.47.1
    * sssd-winbind-idmap-debuginfo-2.10.2-150600.3.47.1
    * sssd-kcm-2.10.2-150600.3.47.1
    * sssd-dbus-debuginfo-2.10.2-150600.3.47.1
    * sssd-tools-debuginfo-2.10.2-150600.3.47.1
    * sssd-debugsource-2.10.2-150600.3.47.1
    * libsss_idmap0-2.10.2-150600.3.47.1
    * python3-sssd-config-2.10.2-150600.3.47.1
    * libsss_certmap0-debuginfo-2.10.2-150600.3.47.1
    * libsss_nss_idmap0-debuginfo-2.10.2-150600.3.47.1
    * libsss_certmap0-2.10.2-150600.3.47.1
    * sssd-debuginfo-2.10.2-150600.3.47.1
    * libsss_nss_idmap-devel-2.10.2-150600.3.47.1
  * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64)
    * sssd-32bit-debuginfo-2.10.2-150600.3.47.1
    * sssd-32bit-2.10.2-150600.3.47.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
    * sssd-ad-debuginfo-2.10.2-150600.3.47.1
    * sssd-ipa-debuginfo-2.10.2-150600.3.47.1
    * libsss_simpleifp0-debuginfo-2.10.2-150600.3.47.1
    * libsss_simpleifp-devel-2.10.2-150600.3.47.1
    * sssd-krb5-common-debuginfo-2.10.2-150600.3.47.1
    * sssd-ad-2.10.2-150600.3.47.1
    * libsss_certmap-devel-2.10.2-150600.3.47.1
    * sssd-krb5-debuginfo-2.10.2-150600.3.47.1
    * libipa_hbac-devel-2.10.2-150600.3.47.1
    * sssd-kcm-debuginfo-2.10.2-150600.3.47.1
    * sssd-ldap-debuginfo-2.10.2-150600.3.47.1
    * libsss_simpleifp0-2.10.2-150600.3.47.1
    * sssd-tools-2.10.2-150600.3.47.1
    * sssd-proxy-2.10.2-150600.3.47.1
    * libsss_idmap-devel-2.10.2-150600.3.47.1
    * sssd-ipa-2.10.2-150600.3.47.1
    * sssd-ldap-2.10.2-150600.3.47.1
    * sssd-dbus-2.10.2-150600.3.47.1
    * libipa_hbac0-debuginfo-2.10.2-150600.3.47.1
    * sssd-krb5-common-2.10.2-150600.3.47.1
    * sssd-krb5-2.10.2-150600.3.47.1
    * sssd-proxy-debuginfo-2.10.2-150600.3.47.1
    * python3-sssd-config-debuginfo-2.10.2-150600.3.47.1
    * sssd-2.10.2-150600.3.47.1
    * libipa_hbac0-2.10.2-150600.3.47.1
    * libsss_idmap0-debuginfo-2.10.2-150600.3.47.1
    * libsss_nss_idmap0-2.10.2-150600.3.47.1
    * sssd-winbind-idmap-2.10.2-150600.3.47.1
    * sssd-winbind-idmap-debuginfo-2.10.2-150600.3.47.1
    * sssd-kcm-2.10.2-150600.3.47.1
    * sssd-dbus-debuginfo-2.10.2-150600.3.47.1
    * sssd-tools-debuginfo-2.10.2-150600.3.47.1
    * sssd-debugsource-2.10.2-150600.3.47.1
    * libsss_idmap0-2.10.2-150600.3.47.1
    * python3-sssd-config-2.10.2-150600.3.47.1
    * libsss_certmap0-debuginfo-2.10.2-150600.3.47.1
    * libsss_nss_idmap0-debuginfo-2.10.2-150600.3.47.1
    * libsss_certmap0-2.10.2-150600.3.47.1
    * sssd-debuginfo-2.10.2-150600.3.47.1
    * libsss_nss_idmap-devel-2.10.2-150600.3.47.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64)
    * sssd-32bit-debuginfo-2.10.2-150600.3.47.1
    * sssd-32bit-2.10.2-150600.3.47.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1259436

From null at suse.de Wed May 6 20:34:00 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:34:00 -0000
Subject: SUSE-RU-2026:1719-1: important: Recommended update for sssd
Message-ID: <177809964060.3181.13590139897321316621@dde0e951fc7e>

# Recommended update for sssd

Announcement ID: SUSE-RU-2026:1719-1
Release Date: 2026-05-06T14:42:39Z
Rating: important
References:

  * bsc#1259436

Affected Products:

  * Basesystem Module 15-SP7
  * SUSE Linux Enterprise Desktop 15 SP7
  * SUSE Linux Enterprise Real Time 15 SP7
  * SUSE Linux Enterprise Server 15 SP7
  * SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that has one fix can now be installed.

## Description:

This update for sssd fixes the following issues:

  * With the 2.10 update sssd runs under unprivileged user which is not possible
    in certain scenarios. This update reverts to run as root with minimum
    privileges (bsc#1259436);
  * Let krb5 child tolerate missing capabilities;
  * Fix systemd try-restart warning when updating

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * Basesystem Module 15-SP7
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1719=1

## Package List:

  * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
    * libsss_certmap0-2.10.2-150700.9.28.1
    * sssd-debugsource-2.10.2-150700.9.28.1
    * python3-sssd-config-2.10.2-150700.9.28.1
    * sssd-kcm-debuginfo-2.10.2-150700.9.28.1
    * libsss_nss_idmap0-2.10.2-150700.9.28.1
    * libsss_idmap0-debuginfo-2.10.2-150700.9.28.1
    * sssd-krb5-common-2.10.2-150700.9.28.1
    * sssd-2.10.2-150700.9.28.1
    * sssd-proxy-debuginfo-2.10.2-150700.9.28.1
    * sssd-krb5-debuginfo-2.10.2-150700.9.28.1
    * libsss_idmap0-2.10.2-150700.9.28.1
    * sssd-ad-debuginfo-2.10.2-150700.9.28.1
    * sssd-tools-2.10.2-150700.9.28.1
    * sssd-proxy-2.10.2-150700.9.28.1
    * libsss_simpleifp-devel-2.10.2-150700.9.28.1
    * libipa_hbac0-2.10.2-150700.9.28.1
    * libsss_simpleifp0-2.10.2-150700.9.28.1
    * sssd-winbind-idmap-2.10.2-150700.9.28.1
    * sssd-ipa-debuginfo-2.10.2-150700.9.28.1
    * libipa_hbac-devel-2.10.2-150700.9.28.1
    * sssd-krb5-2.10.2-150700.9.28.1
    * sssd-tools-debuginfo-2.10.2-150700.9.28.1
    * python3-sssd-config-debuginfo-2.10.2-150700.9.28.1
    * libsss_certmap-devel-2.10.2-150700.9.28.1
    * sssd-ipa-2.10.2-150700.9.28.1
    * sssd-kcm-2.10.2-150700.9.28.1
    * sssd-dbus-2.10.2-150700.9.28.1
    * libsss_idmap-devel-2.10.2-150700.9.28.1
    * libsss_nss_idmap-devel-2.10.2-150700.9.28.1
    * libsss_nss_idmap0-debuginfo-2.10.2-150700.9.28.1
    * sssd-winbind-idmap-debuginfo-2.10.2-150700.9.28.1
    * sssd-krb5-common-debuginfo-2.10.2-150700.9.28.1
    * libsss_certmap0-debuginfo-2.10.2-150700.9.28.1
    * sssd-ad-2.10.2-150700.9.28.1
    * libipa_hbac0-debuginfo-2.10.2-150700.9.28.1
    * sssd-dbus-debuginfo-2.10.2-150700.9.28.1
    * sssd-ldap-debuginfo-2.10.2-150700.9.28.1
    * sssd-debuginfo-2.10.2-150700.9.28.1
    * sssd-ldap-2.10.2-150700.9.28.1
    * libsss_simpleifp0-debuginfo-2.10.2-150700.9.28.1
  * Basesystem Module 15-SP7 (x86_64)
    * sssd-32bit-2.10.2-150700.9.28.1
    * sssd-32bit-debuginfo-2.10.2-150700.9.28.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1259436

From null at suse.de Wed May 6 20:34:10 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:34:10 -0000
Subject: SUSE-SU-2026:1717-1: important: Security update for curl
Message-ID: <177809965049.3181.10243423030605781031@dde0e951fc7e>

# Security update for curl

Announcement ID: SUSE-SU-2026:1717-1
Release Date: 2026-05-06T12:14:02Z
Rating: important
References:

  * bsc#1259362
  * bsc#1262631
  * bsc#1262632
  * bsc#1262635
  * bsc#1262636
  * bsc#1262638

Cross-References:

  * CVE-2026-1965
  * CVE-2026-4873
  * CVE-2026-5545
  * CVE-2026-6253
  * CVE-2026-6276
  * CVE-2026-6429

CVSS scores:

  * CVE-2026-1965 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N
  * CVE-2026-1965 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N
  * CVE-2026-1965 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
  * CVE-2026-4873 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2026-4873 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
  * CVE-2026-5545 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2026-5545 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
  * CVE-2026-6253 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2026-6253 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2026-6276 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2026-6276 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
  * CVE-2026-6429 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
  * CVE-2026-6429 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Desktop 15 SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Micro 5.3
  * SUSE Linux Enterprise Micro 5.4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Micro for Rancher 5.3
  * SUSE Linux Enterprise Micro for Rancher 5.4
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3

An update that solves six vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

Security issues fixed:

  * CVE-2026-4873: connection reuse ignores TLS requirement (bsc#1262631).
  * CVE-2026-5545: wrong reuse of HTTP Negotiate connection (bsc#1262632).
  * CVE-2026-6253: proxy credentials leak over redirect-to proxy (bsc#1262635).
  * CVE-2026-6276: stale custom cookie host causes cookie leak (bsc#1262636).
  * CVE-2026-6429: netrc credential leak with reused proxy connection
    (bsc#1262638).

Other updates and bugfixes:

  * sws: prevent "connection monitor" to say disconnect twice (bsc#1259362).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise High Performance Computing 15 SP5
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2026-1717=1
  * SUSE Linux Enterprise Server 15 SP5
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2026-1717=1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2026-1717=1 SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1717=1
  * SUSE Linux Enterprise Desktop 15 SP5
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2026-1717=1
  * SUSE Linux Enterprise Micro for Rancher 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2026-1717=1
  * SUSE Linux Enterprise Micro 5.3
    zypper in -t patch SUSE-SLE-Micro-5.3-2026-1717=1
  * SUSE Linux Enterprise Micro for Rancher 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2026-1717=1
  * SUSE Linux Enterprise Micro 5.4
    zypper in -t patch SUSE-SLE-Micro-5.4-2026-1717=1
  * SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2026-1717=1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1717=1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1717=1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1717=1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1717=1
  * SUSE Linux Enterprise Server 15 SP4 LTSS
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1717=1
  * SUSE Linux Enterprise Server 15 SP5 LTSS
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1717=1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1717=1 SUSE-SLE-INSTALLER-15-SP4-2026-1717=1
  * openSUSE Leap 15.4
    zypper in -t patch SUSE-2026-1717=1
  * SUSE Linux Enterprise High Performance Computing 15 SP4
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-1717=1
  * SUSE Linux Enterprise Server 15 SP4
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-1717=1
  * SUSE Manager Server 4.3
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-1717=1
  * SUSE Linux Enterprise Desktop 15 SP4
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-1717=1
  * SUSE Manager Retail Branch Server 4.3
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-1717=1
  * SUSE Manager Proxy 4.3
    zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2026-1717=1

## Package List:

  * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64)
    * libcurl4-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64)
    * libcurl4-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
    * libcurl-devel-8.14.1-150400.5.83.1
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
    * libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-32bit-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Desktop 15 SP5 (x86_64)
    * libcurl4-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
    * libcurl-devel-8.14.1-150400.5.83.1
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
    * libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-32bit-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
    * libcurl-devel-8.14.1-150400.5.83.1
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
    * libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-32bit-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
    * libcurl-devel-8.14.1-150400.5.83.1
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
    * libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-32bit-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
    * libcurl-devel-8.14.1-150400.5.83.1
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
    * libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-32bit-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
    * libcurl-devel-8.14.1-150400.5.83.1
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
    * libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-32bit-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * libcurl-devel-8.14.1-150400.5.83.1
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
    * libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-32bit-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
    * libcurl-devel-8.14.1-150400.5.83.1
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
    * libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-32bit-8.14.1-150400.5.83.1
  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * libcurl-devel-8.14.1-150400.5.83.1
    * curl-mini-debugsource-8.14.1-150400.5.83.1
    * libcurl4-8.14.1-150400.5.83.1
    * curl-debugsource-8.14.1-150400.5.83.1
    * curl-debuginfo-8.14.1-150400.5.83.1
    * libcurl-mini4-debuginfo-8.14.1-150400.5.83.1
    * libcurl-mini4-8.14.1-150400.5.83.1
    * libcurl4-debuginfo-8.14.1-150400.5.83.1
    * curl-8.14.1-150400.5.83.1
  * openSUSE Leap 15.4 (noarch)
    * curl-zsh-completion-8.14.1-150400.5.83.1
    * curl-fish-completion-8.14.1-150400.5.83.1
    * libcurl-devel-doc-8.14.1-150400.5.83.1
  * openSUSE Leap 15.4 (x86_64)
    * libcurl4-32bit-debuginfo-8.14.1-150400.5.83.1
    * libcurl4-32bit-8.14.1-150400.5.83.1
    * libcurl-devel-32bit-8.14.1-150400.5.83.1
  * openSUSE Leap 15.4 (aarch64_ilp32)
    * libcurl4-64bit-8.14.1-150400.5.83.1
    * libcurl-devel-64bit-8.14.1-150400.5.83.1
    * libcurl4-64bit-debuginfo-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64)
    * libcurl4-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64)
    * libcurl4-8.14.1-150400.5.83.1
  * SUSE Manager Server 4.3 (ppc64le s390x x86_64)
    * libcurl4-8.14.1-150400.5.83.1
  * SUSE Linux Enterprise Desktop 15 SP4 (x86_64)
    * libcurl4-8.14.1-150400.5.83.1
  * SUSE Manager Retail Branch Server 4.3 (x86_64)
    * libcurl4-8.14.1-150400.5.83.1
  * SUSE Manager Proxy 4.3 (x86_64)
    * libcurl4-8.14.1-150400.5.83.1

## References:

  * https://www.suse.com/security/cve/CVE-2026-1965.html
  * https://www.suse.com/security/cve/CVE-2026-4873.html
  * https://www.suse.com/security/cve/CVE-2026-5545.html
  * https://www.suse.com/security/cve/CVE-2026-6253.html
  * https://www.suse.com/security/cve/CVE-2026-6276.html
  * https://www.suse.com/security/cve/CVE-2026-6429.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1259362
  * https://bugzilla.suse.com/show_bug.cgi?id=1262631
  * https://bugzilla.suse.com/show_bug.cgi?id=1262632
  * https://bugzilla.suse.com/show_bug.cgi?id=1262635
  * https://bugzilla.suse.com/show_bug.cgi?id=1262636
  * https://bugzilla.suse.com/show_bug.cgi?id=1262638

From null at suse.de Wed May 6 20:34:22 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:34:22 -0000
Subject: SUSE-SU-2026:1716-1: important: Security update for libpng12
Message-ID: <177809966226.3181.10514813287865522955@dde0e951fc7e>

# Security update for libpng12

Announcement ID: SUSE-SU-2026:1716-1
Release Date: 2026-05-06T12:11:56Z
Rating: important
References:

  * bsc#1141493
  * bsc#1260754
  * bsc#1261957
  * jsc#PED-16191

Cross-References:

  * CVE-2017-12652
  * CVE-2026-33416
  * CVE-2026-34757

CVSS scores:

  * CVE-2017-12652 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2017-12652 ( SUSE ): 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
  * CVE-2017-12652 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2017-12652 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2017-12652 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2026-33416 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2026-33416 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2026-33416 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-34757 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
  * CVE-2026-34757 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
  * CVE-2026-34757 ( NVD ): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:

  * Basesystem Module 15-SP7
  * SUSE Linux Enterprise Desktop 15 SP7
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP7
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP5 LTSS
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server 15 SP6 LTSS
  * SUSE Linux Enterprise Server 15 SP7
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves three vulnerabilities and contains one feature can now be
installed.

## Description:

This update for libpng12 fixes the following issues:

Update to version 1.2.59 (jsc#PED-16191).

Security issues:

  * CVE-2017-12652: missing chunk length check can lead to sensitive information
    disclosure, data corruption or crash (bsc#1141493).
  * CVE-2026-33416: use-after-free via pointer aliasing in `png_set_tRNS` and
    `png_set_PLTE` can lead to arbitrary code execution (bsc#1260754).
  * CVE-2026-34757: use-after-free in `png_set_PLTE`, `png_set_tRNS` and
    `png_set_hIST` can lead to corrupted chunk data and potential heap
    information disclosure (bsc#1261957).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1716=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1716=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1716=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1716=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1716=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1716=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1716=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1716=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1716=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1716=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1716=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libpng12-devel-1.2.59-150000.4.11.1 * libpng12-0-debuginfo-1.2.59-150000.4.11.1 * libpng12-0-1.2.59-150000.4.11.1 * libpng12-debugsource-1.2.59-150000.4.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libpng12-devel-1.2.59-150000.4.11.1 * libpng12-0-debuginfo-1.2.59-150000.4.11.1 * libpng12-0-1.2.59-150000.4.11.1 * libpng12-debugsource-1.2.59-150000.4.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libpng12-devel-1.2.59-150000.4.11.1 * libpng12-0-debuginfo-1.2.59-150000.4.11.1 * 
libpng12-0-1.2.59-150000.4.11.1 * libpng12-debugsource-1.2.59-150000.4.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libpng12-devel-1.2.59-150000.4.11.1 * libpng12-0-debuginfo-1.2.59-150000.4.11.1 * libpng12-0-1.2.59-150000.4.11.1 * libpng12-debugsource-1.2.59-150000.4.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libpng12-devel-1.2.59-150000.4.11.1 * libpng12-0-debuginfo-1.2.59-150000.4.11.1 * libpng12-0-1.2.59-150000.4.11.1 * libpng12-debugsource-1.2.59-150000.4.11.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libpng12-devel-1.2.59-150000.4.11.1 * libpng12-0-debuginfo-1.2.59-150000.4.11.1 * libpng12-0-1.2.59-150000.4.11.1 * libpng12-debugsource-1.2.59-150000.4.11.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libpng12-devel-1.2.59-150000.4.11.1 * libpng12-0-debuginfo-1.2.59-150000.4.11.1 * libpng12-0-1.2.59-150000.4.11.1 * libpng12-debugsource-1.2.59-150000.4.11.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * libpng12-devel-1.2.59-150000.4.11.1 * libpng12-0-debuginfo-1.2.59-150000.4.11.1 * libpng12-0-1.2.59-150000.4.11.1 * libpng12-debugsource-1.2.59-150000.4.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libpng12-devel-1.2.59-150000.4.11.1 * libpng12-0-debuginfo-1.2.59-150000.4.11.1 * libpng12-0-1.2.59-150000.4.11.1 * libpng12-debugsource-1.2.59-150000.4.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libpng12-devel-1.2.59-150000.4.11.1 * libpng12-0-debuginfo-1.2.59-150000.4.11.1 * libpng12-0-1.2.59-150000.4.11.1 * libpng12-debugsource-1.2.59-150000.4.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * libpng12-devel-1.2.59-150000.4.11.1 * libpng12-0-debuginfo-1.2.59-150000.4.11.1 * libpng12-0-1.2.59-150000.4.11.1 * libpng12-debugsource-1.2.59-150000.4.11.1 ## References: * 
https://www.suse.com/security/cve/CVE-2017-12652.html
* https://www.suse.com/security/cve/CVE-2026-33416.html
* https://www.suse.com/security/cve/CVE-2026-34757.html
* https://bugzilla.suse.com/show_bug.cgi?id=1141493
* https://bugzilla.suse.com/show_bug.cgi?id=1260754
* https://bugzilla.suse.com/show_bug.cgi?id=1261957
* https://jira.suse.com/browse/PED-16191

From null at suse.de Wed May 6 20:34:37 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:34:37 -0000
Subject: SUSE-SU-2026:1715-1: important: Security update for python3
Message-ID: <177809967795.3181.3324515513186304449@dde0e951fc7e>

# Security update for python3

Announcement ID: SUSE-SU-2026:1715-1
Release Date: 2026-05-06T12:10:39Z
Rating: important

References:
* bsc#1259611
* bsc#1259734
* bsc#1259735
* bsc#1259989
* bsc#1260026
* bsc#1261969
* bsc#1261970
* bsc#1262098
* bsc#1262319
* bsc#1262654

Cross-References:
* CVE-2025-13462
* CVE-2026-1502
* CVE-2026-3446
* CVE-2026-3479
* CVE-2026-3644
* CVE-2026-4224
* CVE-2026-4519
* CVE-2026-4786
* CVE-2026-6019
* CVE-2026-6100

CVSS scores:
* CVE-2025-13462 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-13462 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-13462 ( NVD ): 2.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-1502 ( SUSE ): 5.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-1502 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-1502 ( NVD ): 5.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-3446 ( SUSE ): 6.0
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-3446 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2026-3446 ( NVD ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-3479 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-3479 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2026-3479 ( NVD ): 0.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-3644 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-3644 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-3644 ( NVD ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-4224 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-4224 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-4224 ( NVD ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-4519 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:L/SI:H/SA:N * CVE-2026-4519 ( SUSE ): 6.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:N * CVE-2026-4519 ( NVD ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-4519 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2026-4786 ( SUSE ): 7.0 
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-4786 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L * CVE-2026-4786 ( NVD ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-6019 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-6019 ( SUSE ): 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6019 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-6100 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-6100 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6100 ( NVD ): 9.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP7 * Development Tools Module 15-SP7 * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux 
Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves 10 vulnerabilities can now be installed.

## Description:

This update for python3 fixes the following issues:

* CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to misinterpretation of tar archives (bsc#1259611).
* CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF (bsc#1261969).
* CVE-2026-3446: base64 decoding stops at first padded quad by default and ignores other information that could be processed (bsc#1261970).
* CVE-2026-3479: improper resource argument validation in `pkgutil.get_data()` can lead to path traversal (bsc#1259989).
* CVE-2026-3644: incomplete control character validation in http.cookies can lead to input validation bypass (bsc#1259734).
* CVE-2026-4224: parsing XML with deeply nested DTD content models can lead to C stack overflow (bsc#1259735).
* CVE-2026-4519: failure to sanitize leading dashes in URLs in the `webbrowser.open()` API can lead to web browser command line option injection (bsc#1260026).
* CVE-2026-4786: URLs prefixed with `%action` can pass the dash-prefix safety check and allow for command injection (bsc#1262319).
* CVE-2026-6019: `BaseCookie.js_output()` does not neutralize characters in cookie values embedded in JS (bsc#1262654).
* CVE-2026-6100: use-after-free in `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile` when process is under memory pressure (bsc#1262098).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2026-1715=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2026-1715=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2026-1715=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2026-1715=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2026-1715=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2026-1715=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2026-1715=1
* Basesystem Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1715=1
* Development Tools Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-1715=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1715=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1715=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1715=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1715=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1715=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1715=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1715=1
* SUSE Linux Enterprise Server for
SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1715=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1715=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1715=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1715=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1715=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python3-base-3.6.15-150300.10.118.1 * python3-testsuite-debuginfo-3.6.15-150300.10.118.1 * python3-tk-3.6.15-150300.10.118.1 * python3-idle-3.6.15-150300.10.118.1 * python3-dbm-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * python3-curses-3.6.15-150300.10.118.1 * python3-curses-debuginfo-3.6.15-150300.10.118.1 * python3-devel-debuginfo-3.6.15-150300.10.118.1 * python3-devel-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * python3-3.6.15-150300.10.118.1 * python3-doc-devhelp-3.6.15-150300.10.118.1 * python3-tools-3.6.15-150300.10.118.1 * python3-tk-debuginfo-3.6.15-150300.10.118.1 * python3-dbm-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-doc-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-testsuite-3.6.15-150300.10.118.1 * openSUSE Leap 15.3 (x86_64) * libpython3_6m1_0-32bit-3.6.15-150300.10.118.1 * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.118.1 * openSUSE Leap 15.3 (aarch64_ilp32) * libpython3_6m1_0-64bit-3.6.15-150300.10.118.1 * libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.118.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-base-3.6.15-150300.10.118.1 * python3-testsuite-debuginfo-3.6.15-150300.10.118.1 * 
python3-tk-3.6.15-150300.10.118.1 * python3-idle-3.6.15-150300.10.118.1 * python3-dbm-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * python3-curses-3.6.15-150300.10.118.1 * python3-curses-debuginfo-3.6.15-150300.10.118.1 * python3-devel-debuginfo-3.6.15-150300.10.118.1 * python3-devel-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * python3-3.6.15-150300.10.118.1 * python3-doc-devhelp-3.6.15-150300.10.118.1 * python3-tools-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-dbm-debuginfo-3.6.15-150300.10.118.1 * python3-tk-debuginfo-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-doc-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-testsuite-3.6.15-150300.10.118.1 * openSUSE Leap 15.6 (x86_64) * libpython3_6m1_0-32bit-3.6.15-150300.10.118.1 * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.118.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * 
python3-base-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-idle-3.6.15-150300.10.118.1 * python3-dbm-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * python3-curses-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-dbm-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * python3-tk-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-curses-debuginfo-3.6.15-150300.10.118.1 * python3-devel-debuginfo-3.6.15-150300.10.118.1 * python3-devel-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * python3-tk-3.6.15-150300.10.118.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * python3-tools-3.6.15-150300.10.118.1 * 
python3-core-debugsource-3.6.15-150300.10.118.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-idle-3.6.15-150300.10.118.1 * python3-dbm-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * python3-curses-3.6.15-150300.10.118.1 * python3-tools-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-dbm-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * python3-tk-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-curses-debuginfo-3.6.15-150300.10.118.1 * python3-devel-debuginfo-3.6.15-150300.10.118.1 * python3-devel-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * python3-tk-3.6.15-150300.10.118.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-idle-3.6.15-150300.10.118.1 * python3-dbm-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * python3-curses-3.6.15-150300.10.118.1 * python3-tools-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-dbm-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * python3-tk-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-curses-debuginfo-3.6.15-150300.10.118.1 * python3-devel-debuginfo-3.6.15-150300.10.118.1 * python3-devel-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * python3-tk-3.6.15-150300.10.118.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-idle-3.6.15-150300.10.118.1 * 
python3-dbm-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * python3-curses-3.6.15-150300.10.118.1 * python3-tools-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-dbm-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * python3-tk-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-curses-debuginfo-3.6.15-150300.10.118.1 * python3-devel-debuginfo-3.6.15-150300.10.118.1 * python3-devel-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * python3-tk-3.6.15-150300.10.118.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-idle-3.6.15-150300.10.118.1 * python3-dbm-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * python3-curses-3.6.15-150300.10.118.1 * python3-tools-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-dbm-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * python3-tk-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-curses-debuginfo-3.6.15-150300.10.118.1 * python3-devel-debuginfo-3.6.15-150300.10.118.1 * python3-devel-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * python3-tk-3.6.15-150300.10.118.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-idle-3.6.15-150300.10.118.1 * python3-dbm-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * python3-curses-3.6.15-150300.10.118.1 * python3-tools-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-dbm-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 
* python3-tk-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-curses-debuginfo-3.6.15-150300.10.118.1 * python3-devel-debuginfo-3.6.15-150300.10.118.1 * python3-devel-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * python3-tk-3.6.15-150300.10.118.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-idle-3.6.15-150300.10.118.1 * python3-dbm-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * python3-curses-3.6.15-150300.10.118.1 * python3-tools-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-dbm-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * python3-tk-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-curses-debuginfo-3.6.15-150300.10.118.1 * python3-devel-debuginfo-3.6.15-150300.10.118.1 * python3-devel-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * python3-tk-3.6.15-150300.10.118.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-idle-3.6.15-150300.10.118.1 * python3-dbm-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * python3-curses-3.6.15-150300.10.118.1 * python3-tools-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-dbm-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * python3-tk-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-curses-debuginfo-3.6.15-150300.10.118.1 * python3-devel-debuginfo-3.6.15-150300.10.118.1 * python3-devel-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * 
python3-tk-3.6.15-150300.10.118.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-idle-3.6.15-150300.10.118.1 * python3-dbm-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * python3-curses-3.6.15-150300.10.118.1 * python3-tools-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-dbm-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * python3-tk-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-curses-debuginfo-3.6.15-150300.10.118.1 * python3-devel-debuginfo-3.6.15-150300.10.118.1 * python3-devel-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * python3-tk-3.6.15-150300.10.118.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-idle-3.6.15-150300.10.118.1 * python3-dbm-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * python3-curses-3.6.15-150300.10.118.1 * python3-tools-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-dbm-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * python3-tk-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-curses-debuginfo-3.6.15-150300.10.118.1 * python3-devel-debuginfo-3.6.15-150300.10.118.1 * python3-devel-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * python3-tk-3.6.15-150300.10.118.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-idle-3.6.15-150300.10.118.1 * python3-dbm-3.6.15-150300.10.118.1 
* python3-debuginfo-3.6.15-150300.10.118.1 * python3-curses-3.6.15-150300.10.118.1 * python3-tools-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-dbm-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * python3-tk-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-curses-debuginfo-3.6.15-150300.10.118.1 * python3-devel-debuginfo-3.6.15-150300.10.118.1 * python3-devel-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * python3-tk-3.6.15-150300.10.118.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.118.1 * python3-base-debuginfo-3.6.15-150300.10.118.1 * python3-base-3.6.15-150300.10.118.1 * python3-debuginfo-3.6.15-150300.10.118.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.118.1 * python3-debugsource-3.6.15-150300.10.118.1 * libpython3_6m1_0-3.6.15-150300.10.118.1 * python3-core-debugsource-3.6.15-150300.10.118.1 ## References: * https://www.suse.com/security/cve/CVE-2025-13462.html * https://www.suse.com/security/cve/CVE-2026-1502.html * https://www.suse.com/security/cve/CVE-2026-3446.html * https://www.suse.com/security/cve/CVE-2026-3479.html * https://www.suse.com/security/cve/CVE-2026-3644.html * https://www.suse.com/security/cve/CVE-2026-4224.html * https://www.suse.com/security/cve/CVE-2026-4519.html * https://www.suse.com/security/cve/CVE-2026-4786.html * https://www.suse.com/security/cve/CVE-2026-6019.html * https://www.suse.com/security/cve/CVE-2026-6100.html * 
https://bugzilla.suse.com/show_bug.cgi?id=1259611
* https://bugzilla.suse.com/show_bug.cgi?id=1259734
* https://bugzilla.suse.com/show_bug.cgi?id=1259735
* https://bugzilla.suse.com/show_bug.cgi?id=1259989
* https://bugzilla.suse.com/show_bug.cgi?id=1260026
* https://bugzilla.suse.com/show_bug.cgi?id=1261969
* https://bugzilla.suse.com/show_bug.cgi?id=1261970
* https://bugzilla.suse.com/show_bug.cgi?id=1262098
* https://bugzilla.suse.com/show_bug.cgi?id=1262319
* https://bugzilla.suse.com/show_bug.cgi?id=1262654

From null at suse.de Wed May 6 20:34:48 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:34:48 -0000
Subject: SUSE-SU-2026:1714-1: important: Security update for erlang
Message-ID: <177809968833.3181.4311830380357376114@dde0e951fc7e>

# Security update for erlang

Announcement ID: SUSE-SU-2026:1714-1
Release Date: 2026-05-06T12:08:16Z
Rating: important

References:
* bsc#1258663
* bsc#1259681
* bsc#1259682
* bsc#1259687
* bsc#1261728

Cross-References:
* CVE-2026-21620
* CVE-2026-23941
* CVE-2026-23942
* CVE-2026-23943
* CVE-2026-28808

CVSS scores:
* CVE-2026-21620 ( SUSE ): 7.6 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-21620 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-21620 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-23941 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23941 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-23941 ( NVD ): 7.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-23942 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-23942 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-23942 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23943 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-23943 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23943 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-28808 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-28808 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-28808 ( NVD ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-28808 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * Server Applications Module 15-SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves five vulnerabilities can now be installed.

## Description:

This update for erlang fixes the following issues:

* CVE-2026-21620: remote arbitrary read/write via TFTP relative path traversal (bsc#1258663).
* CVE-2026-23941: HTTP Request Smuggling in Erlang OTP (bsc#1259687).
* CVE-2026-23942: path traversal vulnerability in Erlang OTP (bsc#1259681).
* CVE-2026-23943: denial of service due to improper handling of highly compressed data in Erlang OTP ssh (bsc#1259682).
* CVE-2026-28808: incorrect authorization can lead to unauthenticated access to protected CGI scripts (bsc#1261728).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2026-1714=1
* Server Applications Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-1714=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1714=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1714=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1714=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1714=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1714=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1714=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1714=1
* SUSE
Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1714=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1714=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1714=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * erlang-debugger-23.3.4.19-150300.3.32.1 * erlang-reltool-23.3.4.19-150300.3.32.1 * erlang-jinterface-23.3.4.19-150300.3.32.1 * erlang-dialyzer-debuginfo-23.3.4.19-150300.3.32.1 * erlang-jinterface-src-23.3.4.19-150300.3.32.1 * erlang-reltool-src-23.3.4.19-150300.3.32.1 * erlang-diameter-src-23.3.4.19-150300.3.32.1 * erlang-et-23.3.4.19-150300.3.32.1 * erlang-src-23.3.4.19-150300.3.32.1 * erlang-diameter-23.3.4.19-150300.3.32.1 * erlang-observer-src-23.3.4.19-150300.3.32.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1 * erlang-doc-23.3.4.19-150300.3.32.1 * erlang-wx-debuginfo-23.3.4.19-150300.3.32.1 * erlang-observer-23.3.4.19-150300.3.32.1 * erlang-epmd-23.3.4.19-150300.3.32.1 * erlang-et-src-23.3.4.19-150300.3.32.1 * erlang-wx-23.3.4.19-150300.3.32.1 * erlang-wx-src-23.3.4.19-150300.3.32.1 * erlang-23.3.4.19-150300.3.32.1 * erlang-debugsource-23.3.4.19-150300.3.32.1 * erlang-dialyzer-23.3.4.19-150300.3.32.1 * erlang-debugger-src-23.3.4.19-150300.3.32.1 * erlang-dialyzer-src-23.3.4.19-150300.3.32.1 * erlang-debuginfo-23.3.4.19-150300.3.32.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * erlang-23.3.4.19-150300.3.32.1 * erlang-epmd-23.3.4.19-150300.3.32.1 * erlang-debugsource-23.3.4.19-150300.3.32.1 * erlang-debuginfo-23.3.4.19-150300.3.32.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * erlang-23.3.4.19-150300.3.32.1 * erlang-epmd-23.3.4.19-150300.3.32.1 * erlang-debugsource-23.3.4.19-150300.3.32.1 * 
erlang-debuginfo-23.3.4.19-150300.3.32.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * erlang-23.3.4.19-150300.3.32.1 * erlang-epmd-23.3.4.19-150300.3.32.1 * erlang-debugsource-23.3.4.19-150300.3.32.1 * erlang-debuginfo-23.3.4.19-150300.3.32.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * erlang-23.3.4.19-150300.3.32.1 * erlang-epmd-23.3.4.19-150300.3.32.1 * erlang-debugsource-23.3.4.19-150300.3.32.1 * erlang-debuginfo-23.3.4.19-150300.3.32.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * erlang-23.3.4.19-150300.3.32.1 * erlang-epmd-23.3.4.19-150300.3.32.1 * erlang-debugsource-23.3.4.19-150300.3.32.1 * erlang-debuginfo-23.3.4.19-150300.3.32.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * erlang-23.3.4.19-150300.3.32.1 * erlang-epmd-23.3.4.19-150300.3.32.1 * erlang-debugsource-23.3.4.19-150300.3.32.1 * erlang-debuginfo-23.3.4.19-150300.3.32.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * erlang-23.3.4.19-150300.3.32.1 * erlang-epmd-23.3.4.19-150300.3.32.1 * erlang-debugsource-23.3.4.19-150300.3.32.1 * erlang-debuginfo-23.3.4.19-150300.3.32.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * erlang-23.3.4.19-150300.3.32.1 * erlang-epmd-23.3.4.19-150300.3.32.1 * erlang-debugsource-23.3.4.19-150300.3.32.1 * erlang-debuginfo-23.3.4.19-150300.3.32.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * erlang-23.3.4.19-150300.3.32.1 * erlang-epmd-23.3.4.19-150300.3.32.1 * erlang-debugsource-23.3.4.19-150300.3.32.1 * 
erlang-debuginfo-23.3.4.19-150300.3.32.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * erlang-23.3.4.19-150300.3.32.1 * erlang-epmd-23.3.4.19-150300.3.32.1 * erlang-debugsource-23.3.4.19-150300.3.32.1 * erlang-debuginfo-23.3.4.19-150300.3.32.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * erlang-23.3.4.19-150300.3.32.1 * erlang-epmd-23.3.4.19-150300.3.32.1 * erlang-debugsource-23.3.4.19-150300.3.32.1 * erlang-debuginfo-23.3.4.19-150300.3.32.1 * erlang-epmd-debuginfo-23.3.4.19-150300.3.32.1 ## References: * https://www.suse.com/security/cve/CVE-2026-21620.html * https://www.suse.com/security/cve/CVE-2026-23941.html * https://www.suse.com/security/cve/CVE-2026-23942.html * https://www.suse.com/security/cve/CVE-2026-23943.html * https://www.suse.com/security/cve/CVE-2026-28808.html * https://bugzilla.suse.com/show_bug.cgi?id=1258663 * https://bugzilla.suse.com/show_bug.cgi?id=1259681 * https://bugzilla.suse.com/show_bug.cgi?id=1259682 * https://bugzilla.suse.com/show_bug.cgi?id=1259687 * https://bugzilla.suse.com/show_bug.cgi?id=1261728 -------------- next part -------------- An HTML attachment was scrubbed... 

From null at suse.de Wed May 6 20:34:53 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:34:53 -0000
Subject: SUSE-SU-2026:1713-1: important: Security update for flatpak
Message-ID: <177809969320.3181.14169683658940384557@dde0e951fc7e>

# Security update for flatpak

Announcement ID: SUSE-SU-2026:1713-1
Release Date: 2026-05-06T12:06:56Z
Rating: important
References:

* bsc#1261769
* bsc#1261770

Cross-References:

* CVE-2026-34078
* CVE-2026-34079

CVSS scores:

* CVE-2026-34078 ( SUSE ): 6.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
* CVE-2026-34078 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
* CVE-2026-34078 ( NVD ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-34078 ( NVD ): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-34079 ( SUSE ): 4.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:N/SI:H/SA:N
* CVE-2026-34079 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:L
* CVE-2026-34079 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-34079 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-34079 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for flatpak fixes the following issues:

* CVE-2026-34078: Arbitrary code execution via crafted symlinks in sandbox-expose options (bsc#1261769).
* CVE-2026-34079: Arbitrary file deletion on host via improper cache file path validation (bsc#1261770).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-1713=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1713=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * libflatpak0-1.4.2-3.12.2
  * typelib-1_0-Flatpak-1_0-1.4.2-3.12.2
  * flatpak-debugsource-1.4.2-3.12.2
  * libflatpak0-debuginfo-1.4.2-3.12.2
  * flatpak-debuginfo-1.4.2-3.12.2
  * flatpak-1.4.2-3.12.2
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * libflatpak0-1.4.2-3.12.2
  * typelib-1_0-Flatpak-1_0-1.4.2-3.12.2
  * flatpak-debugsource-1.4.2-3.12.2
  * libflatpak0-debuginfo-1.4.2-3.12.2
  * flatpak-debuginfo-1.4.2-3.12.2
  * flatpak-1.4.2-3.12.2

## References:

* https://www.suse.com/security/cve/CVE-2026-34078.html
* https://www.suse.com/security/cve/CVE-2026-34079.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261769
* https://bugzilla.suse.com/show_bug.cgi?id=1261770

From null at suse.de Wed May 6 20:34:58 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:34:58 -0000
Subject: SUSE-SU-2026:1712-1: important: Security update for openexr
Message-ID: <177809969856.3181.4493220668243078989@dde0e951fc7e>

# Security update for openexr

Announcement ID: SUSE-SU-2026:1712-1
Release Date: 2026-05-06T12:06:45Z
Rating: important
References:

* bsc#1262425
* bsc#1262426

Cross-References:

* CVE-2026-40244
* CVE-2026-40250

CVSS scores:

* CVE-2026-40244 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-40244 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-40244 ( NVD ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-40244 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
* CVE-2026-40250 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-40250 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-40250 ( NVD ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-40250 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

Affected Products:

* Desktop Applications Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves two vulnerabilities can now be installed.

## Description:

This update for openexr fixes the following issues:

* CVE-2026-40244: Integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (bsc#1262426).
* CVE-2026-40250: Integer overflow in DWA decoder outBufferEnd pointer arithmetic (bsc#1262425).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1712=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1712=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1712=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1712=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1712=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1712=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1712=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1712=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1712=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1712=1
* Desktop Applications Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-1712=1

## Package List:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * openexr-devel-2.2.1-150000.3.46.1
  * openexr-debugsource-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-2.2.1-150000.3.46.1
  * openexr-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-2.2.1-150000.3.46.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * openexr-devel-2.2.1-150000.3.46.1
  * openexr-debugsource-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-2.2.1-150000.3.46.1
  * openexr-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-2.2.1-150000.3.46.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * openexr-devel-2.2.1-150000.3.46.1
  * openexr-debugsource-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-2.2.1-150000.3.46.1
  * openexr-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-2.2.1-150000.3.46.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * openexr-devel-2.2.1-150000.3.46.1
  * openexr-debugsource-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-2.2.1-150000.3.46.1
  * openexr-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-2.2.1-150000.3.46.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * openexr-devel-2.2.1-150000.3.46.1
  * openexr-debugsource-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-2.2.1-150000.3.46.1
  * openexr-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-2.2.1-150000.3.46.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * openexr-devel-2.2.1-150000.3.46.1
  * openexr-debugsource-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-2.2.1-150000.3.46.1
  * openexr-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-2.2.1-150000.3.46.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * openexr-devel-2.2.1-150000.3.46.1
  * openexr-debugsource-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-2.2.1-150000.3.46.1
  * openexr-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-2.2.1-150000.3.46.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * openexr-devel-2.2.1-150000.3.46.1
  * openexr-debugsource-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-2.2.1-150000.3.46.1
  * openexr-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-2.2.1-150000.3.46.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * openexr-devel-2.2.1-150000.3.46.1
  * openexr-debugsource-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-2.2.1-150000.3.46.1
  * openexr-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-2.2.1-150000.3.46.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * openexr-devel-2.2.1-150000.3.46.1
  * openexr-debugsource-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-2.2.1-150000.3.46.1
  * openexr-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-2.2.1-150000.3.46.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * openexr-devel-2.2.1-150000.3.46.1
  * openexr-debugsource-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-debuginfo-2.2.1-150000.3.46.1
  * libIlmImf-2_2-23-2.2.1-150000.3.46.1
  * openexr-debuginfo-2.2.1-150000.3.46.1
  * libIlmImfUtil-2_2-23-2.2.1-150000.3.46.1

## References:

* https://www.suse.com/security/cve/CVE-2026-40244.html
* https://www.suse.com/security/cve/CVE-2026-40250.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262425
* https://bugzilla.suse.com/show_bug.cgi?id=1262426

From null at suse.de Wed May 6 20:35:01 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 06 May 2026 20:35:01 -0000
Subject: SUSE-SU-2026:1711-1: moderate: Security update for openssl-3
Message-ID: <177809970164.3181.16902983344517149896@dde0e951fc7e>

# Security update for openssl-3

Announcement ID: SUSE-SU-2026:1711-1
Release Date: 2026-05-06T12:04:48Z
Rating: moderate
References:

* bsc#1261678

Cross-References:

* CVE-2026-28390

CVSS scores:

* CVE-2026-28390 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-28390 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-28390 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-28390 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-3 fixes the following issue:

* CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS EnvelopedData message with KeyTransportRecipientInfo (bsc#1261678).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2026-1711=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1711=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1711=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1711=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1711=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
  * libopenssl3-3.0.8-150500.5.63.1
  * libopenssl3-debuginfo-3.0.8-150500.5.63.1
  * libopenssl-3-devel-3.0.8-150500.5.63.1
  * openssl-3-3.0.8-150500.5.63.1
  * openssl-3-debugsource-3.0.8-150500.5.63.1
  * openssl-3-debuginfo-3.0.8-150500.5.63.1
* openSUSE Leap 15.5 (x86_64)
  * libopenssl3-32bit-debuginfo-3.0.8-150500.5.63.1
  * libopenssl3-32bit-3.0.8-150500.5.63.1
  * libopenssl-3-devel-32bit-3.0.8-150500.5.63.1
* openSUSE Leap 15.5 (noarch)
  * openssl-3-doc-3.0.8-150500.5.63.1
* openSUSE Leap 15.5 (aarch64_ilp32)
  * libopenssl3-64bit-3.0.8-150500.5.63.1
  * libopenssl-3-devel-64bit-3.0.8-150500.5.63.1
  * libopenssl3-64bit-debuginfo-3.0.8-150500.5.63.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * libopenssl3-3.0.8-150500.5.63.1
  * libopenssl3-debuginfo-3.0.8-150500.5.63.1
  * libopenssl-3-devel-3.0.8-150500.5.63.1
  * openssl-3-3.0.8-150500.5.63.1
  * openssl-3-debugsource-3.0.8-150500.5.63.1
  * openssl-3-debuginfo-3.0.8-150500.5.63.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * libopenssl3-3.0.8-150500.5.63.1
  * libopenssl3-debuginfo-3.0.8-150500.5.63.1
  * libopenssl-3-devel-3.0.8-150500.5.63.1
  * openssl-3-3.0.8-150500.5.63.1
  * openssl-3-debugsource-3.0.8-150500.5.63.1
  * openssl-3-debuginfo-3.0.8-150500.5.63.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * libopenssl3-3.0.8-150500.5.63.1
  * libopenssl3-debuginfo-3.0.8-150500.5.63.1
  * libopenssl-3-devel-3.0.8-150500.5.63.1
  * openssl-3-3.0.8-150500.5.63.1
  * openssl-3-debugsource-3.0.8-150500.5.63.1
  * openssl-3-debuginfo-3.0.8-150500.5.63.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * libopenssl3-3.0.8-150500.5.63.1
  * libopenssl3-debuginfo-3.0.8-150500.5.63.1
  * libopenssl-3-devel-3.0.8-150500.5.63.1
  * openssl-3-3.0.8-150500.5.63.1
  * openssl-3-debugsource-3.0.8-150500.5.63.1
  * openssl-3-debuginfo-3.0.8-150500.5.63.1

## References:

* https://www.suse.com/security/cve/CVE-2026-28390.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261678

From null at suse.de Thu May 7 08:30:06 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:30:06 -0000
Subject: SUSE-SU-2026:21517-1: important: Security update for the Linux Kernel RT (Live Patch 19 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814260622.3577.2024687972400031372@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 19 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21517-1
Release Date: 2026-05-05T13:18:14Z
Rating: important
References:

* bsc#1263689

Cross-References:

* CVE-2026-31431

CVSS scores:

* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves one vulnerability can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-41.1 fixes one security issue

The following security issue was fixed:

* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-393=1

## Package List:

* SUSE Linux Micro 6.1 (x86_64)
  * kernel-livepatch-6_4_0-41-rt-2-1.1
  * kernel-livepatch-MICRO-6-0-RT_Update_19-debugsource-2-1.1
  * kernel-livepatch-6_4_0-41-rt-debuginfo-2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:30:13 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:30:13 -0000
Subject: SUSE-SU-2026:21516-1: important: Security update for the Linux Kernel RT (Live Patch 18 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814261381.3577.12532716958067931091@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 18 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21516-1
Release Date: 2026-05-05T13:07:21Z
Rating: important
References:

* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves two vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes various security issues

The following security issues were fixed:

* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-384=1

## Package List:

* SUSE Linux Micro 6.1 (x86_64)
  * kernel-livepatch-MICRO-6-0-RT_Update_18-debugsource-3-1.1
  * kernel-livepatch-6_4_0-40-rt-3-1.1
  * kernel-livepatch-6_4_0-40-rt-debuginfo-3-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:30:24 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:30:24 -0000
Subject: SUSE-SU-2026:21515-1: important: Security update for the Linux Kernel RT (Live Patch 15 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814262444.3577.14047588485835435949@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 15 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21515-1
Release Date: 2026-05-05T13:07:21Z
Rating: important
References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-383=1

## Package List:

* SUSE Linux Micro 6.1 (x86_64)
  * kernel-livepatch-6_4_0-39-rt-4-1.1
  * kernel-livepatch-6_4_0-39-rt-debuginfo-4-1.1
  * kernel-livepatch-MICRO-6-0-RT_Update_15-debugsource-4-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:30:33 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:30:33 -0000
Subject: SUSE-SU-2026:21514-1: important: Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814263370.3577.15404631346723163974@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21514-1
Release Date: 2026-05-05T13:07:21Z
Rating: important
References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-382=1

## Package List:

* SUSE Linux Micro 6.1 (x86_64)
  * kernel-livepatch-6_4_0-38-rt-5-1.1
  * kernel-livepatch-MICRO-6-0-RT_Update_14-debugsource-5-1.1
  * kernel-livepatch-6_4_0-38-rt-debuginfo-5-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Thu May 7 08:30:47 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:30:47 -0000
Subject: SUSE-SU-2026:21513-1: important: Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814264728.3577.13807630423726930870@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 13 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21513-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-37.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-381=1

## Package List:

* SUSE Linux Micro 6.1 (x86_64)
  * kernel-livepatch-MICRO-6-0-RT_Update_13-debugsource-5-1.1
  * kernel-livepatch-6_4_0-37-rt-5-1.1
  * kernel-livepatch-6_4_0-37-rt-debuginfo-5-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:30:57 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:30:57 -0000
Subject: SUSE-SU-2026:21512-1: important: Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814265775.3577.4291519630139332470@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21512-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-380=1

## Package List:

* SUSE Linux Micro 6.1 (x86_64)
  * kernel-livepatch-6_4_0-36-rt-debuginfo-9-1.1
  * kernel-livepatch-6_4_0-36-rt-9-1.1
  * kernel-livepatch-MICRO-6-0-RT_Update_12-debugsource-9-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:31:07 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:31:07 -0000
Subject: SUSE-SU-2026:21511-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814266744.3577.11806131286800412829@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21511-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-379=1

## Package List:

* SUSE Linux Micro 6.1 (x86_64)
  * kernel-livepatch-MICRO-6-0-RT_Update_11-debugsource-10-1.1
  * kernel-livepatch-6_4_0-35-rt-10-1.1
  * kernel-livepatch-6_4_0-35-rt-debuginfo-10-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:31:18 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:31:18 -0000
Subject: SUSE-SU-2026:21510-1: important: Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814267815.3577.16533457663009562670@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21510-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-378=1

## Package List:

* SUSE Linux Micro 6.1 (x86_64)
  * kernel-livepatch-MICRO-6-0-RT_Update_10-debugsource-14-1.1
  * kernel-livepatch-6_4_0-34-rt-14-1.1
  * kernel-livepatch-6_4_0-34-rt-debuginfo-14-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:31:28 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:31:28 -0000
Subject: SUSE-SU-2026:21509-1: important: Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814268888.3577.10511846929686990645@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21509-1
Release Date: 2026-05-05T13:07:21Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-33.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-377=1

## Package List:

* SUSE Linux Micro 6.1 (x86_64)
  * kernel-livepatch-MICRO-6-0-RT_Update_9-debugsource-14-1.2
  * kernel-livepatch-6_4_0-33-rt-14-1.2
  * kernel-livepatch-6_4_0-33-rt-debuginfo-14-1.2

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:31:39 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:31:39 -0000
Subject: SUSE-SU-2026:21508-1: important: Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814269949.3577.1683435551786363300@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21508-1
Release Date: 2026-05-05T13:07:20Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-376=1

## Package List:

* SUSE Linux Micro 6.1 (x86_64)
  * kernel-livepatch-MICRO-6-0-RT_Update_8-debugsource-16-1.2
  * kernel-livepatch-6_4_0-31-rt-debuginfo-16-1.2
  * kernel-livepatch-6_4_0-31-rt-16-1.2

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:31:50 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:31:50 -0000
Subject: SUSE-SU-2026:21507-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814271011.3577.15538372345447273566@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21507-1
Release Date: 2026-05-05T13:07:20Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-375=1

## Package List:

* SUSE Linux Micro 6.1 (x86_64)
  * kernel-livepatch-6_4_0-30-rt-17-1.3
  * kernel-livepatch-MICRO-6-0-RT_Update_7-debugsource-17-1.3
  * kernel-livepatch-6_4_0-30-rt-debuginfo-17-1.3

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:32:01 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:32:01 -0000
Subject: SUSE-SU-2026:21506-1: important: Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814272184.3577.7170798085573430366@dde0e951fc7e>

# Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21506-1
Release Date: 2026-05-05T13:07:20Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-374=1

## Package List:

* SUSE Linux Micro 6.1 (x86_64)
  * kernel-livepatch-6_4_0-28-rt-debuginfo-17-3.1
  * kernel-livepatch-MICRO-6-0-RT_Update_6-debugsource-17-3.1
  * kernel-livepatch-6_4_0-28-rt-17-3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

URL: From null at suse.de Thu May 7 08:32:11 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 08:32:11 -0000 Subject: SUSE-SU-2026:21505-1: important: Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) Message-ID: <177814273138.3577.14219932792226984197@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21505-1 Release Date: 2026-05-05T14:58:33Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves five vulnerabilities can now be installed. 

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-396=1

## Package List:

* SUSE Linux Micro 6.1 (s390x x86_64)
  * kernel-livepatch-MICRO-6-0_Update_13-debugsource-7-1.1
  * kernel-livepatch-6_4_0-36-default-debuginfo-7-1.1
  * kernel-livepatch-6_4_0-36-default-7-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:32:21 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:32:21 -0000
Subject: SUSE-SU-2026:21504-1: important: Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814274120.3577.14658824881454507021@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21504-1
Release Date: 2026-05-05T13:36:02Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-391=1

## Package List:

* SUSE Linux Micro 6.1 (s390x x86_64)
  * kernel-livepatch-6_4_0-38-default-debuginfo-5-1.2
  * kernel-livepatch-6_4_0-38-default-5-1.2
  * kernel-livepatch-MICRO-6-0_Update_14-debugsource-5-1.2

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:32:30 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:32:30 -0000
Subject: SUSE-SU-2026:21503-1: important: Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814275056.3577.791664521951944637@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21503-1
Release Date: 2026-05-05T13:18:42Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-35.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-390=1

## Package List:

* SUSE Linux Micro 6.1 (s390x x86_64)
  * kernel-livepatch-6_4_0-35-default-debuginfo-9-1.1
  * kernel-livepatch-6_4_0-35-default-9-1.1
  * kernel-livepatch-MICRO-6-0_Update_12-debugsource-9-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:32:35 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:32:35 -0000
Subject: SUSE-SU-2026:21502-1: important: Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814275590.3577.15776265505766936063@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21502-1
Release Date: 2026-05-05T13:15:07Z
Rating: important

References:

* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves two vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes various security issues

The following security issues were fixed:

* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-395=1

## Package List:

* SUSE Linux Micro 6.1 (s390x x86_64)
  * kernel-livepatch-6_4_0-40-default-3-1.1
  * kernel-livepatch-6_4_0-40-default-debuginfo-3-1.1
  * kernel-livepatch-MICRO-6-0_Update_17-debugsource-3-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:32:47 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:32:47 -0000
Subject: SUSE-SU-2026:21501-1: important: Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814276792.3577.9937142651778996373@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21501-1
Release Date: 2026-05-05T13:15:07Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-29.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-394=1

## Package List:

* SUSE Linux Micro 6.1 (s390x x86_64)
  * kernel-livepatch-MICRO-6-0_Update_7-debugsource-17-1.2
  * kernel-livepatch-6_4_0-29-default-17-1.2
  * kernel-livepatch-6_4_0-29-default-debuginfo-17-1.2

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:32:53 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:32:53 -0000
Subject: SUSE-SU-2026:21500-1: important: Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814277390.3577.8747036780367604760@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 16 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21500-1
Release Date: 2026-05-05T13:14:11Z
Rating: important

References:

* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues

The following security issues were fixed:

* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-392=1

## Package List:

* SUSE Linux Micro 6.1 (s390x x86_64)
  * kernel-livepatch-MICRO-6-0_Update_16-debugsource-4-1.1
  * kernel-livepatch-6_4_0-39-default-debuginfo-4-1.1
  * kernel-livepatch-6_4_0-39-default-4-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:33:02 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:33:02 -0000
Subject: SUSE-SU-2026:21499-1: important: Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814278299.3577.18256615993382071726@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21499-1
Release Date: 2026-05-05T13:11:23Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-389=1

## Package List:

* SUSE Linux Micro 6.1 (s390x x86_64)
  * kernel-livepatch-6_4_0-34-default-debuginfo-9-1.1
  * kernel-livepatch-MICRO-6-0_Update_11-debugsource-9-1.1
  * kernel-livepatch-6_4_0-34-default-9-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:33:12 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:33:12 -0000
Subject: SUSE-SU-2026:21498-1: important: Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814279263.3577.16558212817960915943@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21498-1
Release Date: 2026-05-05T13:10:44Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-32.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-388=1

## Package List:

* SUSE Linux Micro 6.1 (s390x x86_64)
  * kernel-livepatch-6_4_0-32-default-10-1.1
  * kernel-livepatch-MICRO-6-0_Update_10-debugsource-10-1.1
  * kernel-livepatch-6_4_0-32-default-debuginfo-10-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:33:23 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:33:23 -0000
Subject: SUSE-SU-2026:21497-1: important: Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814280333.3577.3359537043999057661@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21497-1
Release Date: 2026-05-05T13:10:05Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-31.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.1
  zypper in -t patch SUSE-SLE-Micro-6.1-kernel-387=1

## Package List:

* SUSE Linux Micro 6.1 (s390x x86_64)
  * kernel-livepatch-MICRO-6-0_Update_9-debugsource-16-1.2
  * kernel-livepatch-6_4_0-31-default-16-1.2
  * kernel-livepatch-6_4_0-31-default-debuginfo-16-1.2

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Thu May 7 08:33:34 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 08:33:34 -0000
Subject: SUSE-SU-2026:21496-1: important: Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)
Message-ID: <177814281465.3577.3897172952619718102@dde0e951fc7e>

# Security update for the Linux Kernel (Live Patch 8 for SUSE Linux Enterprise Micro 6.0)

Announcement ID: SUSE-SU-2026:21496-1
Release Date: 2026-05-05T13:10:05Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.1

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.4.0-30.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-386=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-30-default-debuginfo-16-1.2 * kernel-livepatch-6_4_0-30-default-16-1.2 * kernel-livepatch-MICRO-6-0_Update_8-debugsource-16-1.2 ## References: * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258073 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Thu May 7 08:33:44 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 08:33:44 -0000 Subject: SUSE-SU-2026:21495-1: important: Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) Message-ID: <177814282480.3577.8079258222226715213@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21495-1 Release Date: 2026-05-05T13:10:05Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258073 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-38375 * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-28.1 fixes various security issues The following security issues were fixed: * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073). * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-385=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-28-default-debuginfo-18-3.1 * kernel-livepatch-MICRO-6-0_Update_6-debugsource-18-3.1 * kernel-livepatch-6_4_0-28-default-18-3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258073 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 From null at suse.de Thu May 7 08:33:47 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 08:33:47 -0000 Subject: SUSE-SU-2026:21494-1: important: Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise Micro 6.0) Message-ID: <177814282781.3577.9308759287560832055@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise Micro 6.0) Announcement ID: SUSE-SU-2026:21494-1 Release Date: 2026-05-05T12:51:00Z Rating: important References: * bsc#1263689 Cross-References: * CVE-2026-31431 CVSS scores: * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves one vulnerability can now be installed.
## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-41.1 fixes one security issue The following security issue was fixed: * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-373=1 ## Package List: * SUSE Linux Micro 6.1 (s390x x86_64) * kernel-livepatch-6_4_0-41-default-2-1.1 * kernel-livepatch-MICRO-6-0_Update_18-debugsource-2-1.1 * kernel-livepatch-6_4_0-41-default-debuginfo-2-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1263689 From null at suse.de Thu May 7 08:33:50 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 08:33:50 -0000 Subject: SUSE-RU-2026:21493-1: moderate: Recommended update for lifecycle-data-sle-module-live-patching Message-ID: <177814283080.3577.9100623778856317417@dde0e951fc7e> # Recommended update for lifecycle-data-sle-module-live-patching Announcement ID: SUSE-RU-2026:21493-1 Release Date: 2026-05-04T13:18:05Z Rating: moderate References: * bsc#1020320 Affected Products: * SUSE Linux Micro 6.1 An update that has one fix can now be installed. ## Description: This update for lifecycle-data-sle-module-live-patching fixes the following issues: * Added data for 6_4_0-38, 6_4_0-39, 6_4_0-40, 6_4_0-41. (bsc#1020320) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-372=1 ## Package List: * SUSE Linux Micro 6.1 (noarch) * lifecycle-data-sle-module-live-patching-6-7.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1020320 From null at suse.de Thu May 7 08:33:56 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 08:33:56 -0000 Subject: SUSE-SU-2026:1726-1: important: Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP7) Message-ID: <177814283658.3577.3180162750783913187@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 9 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:1726-1 Release Date: 2026-05-06T16:04:15Z Rating: important References: * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7
An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.31 fixes various security issues The following security issues were fixed: * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1726=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_53_31-default-debuginfo-4-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_9-debugsource-4-150700.2.1 * kernel-livepatch-6_4_0-150700_53_31-default-4-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Thu May 7 08:34:08 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 08:34:08 -0000 Subject: SUSE-SU-2026:1725-1: important: Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7) Message-ID: <177814284822.3577.11038516020027493951@dde0e951fc7e> # Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:1725-1 Release Date: 2026-05-06T16:04:08Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258073 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-38375 * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150700.51 fixes various security issues The following security issues were fixed: * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073). * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1725=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_51-default-debuginfo-15-150700.3.42.1 * kernel-livepatch-6_4_0-150700_51-default-15-150700.3.42.1 * kernel-livepatch-SLE15-SP7_Update_0-debugsource-15-150700.3.42.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258073 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Thu May 7 16:30:16 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:30:16 -0000 Subject: SUSE-SU-2026:1733-1: important: Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5) Message-ID: <177817141690.210.3398182226423151477@2df5abbbd056> # Security update for the Linux Kernel (Live Patch 30 for SUSE Linux Enterprise 15 SP5) Announcement ID: SUSE-SU-2026:1733-1 Release Date: 2026-05-07T09:04:22Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258073 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-38375 * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.121 fixes various security issues The following security issues were fixed: * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073). * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1733=1 SUSE-2026-1734=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1733=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-1734=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-1739=1 SUSE-2026-1746=1 SUSE-2026-1747=1 SUSE-2026-1738=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-1738=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-1739=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-1746=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-1747=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_184-default-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_184-default-debuginfo-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_46-debugsource-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_44-debugsource-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-12-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_184-default-6-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_184-default-debuginfo-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_46-debugsource-6-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_44-debugsource-12-150400.2.1 * kernel-livepatch-5_14_21-150400_24_176-default-debuginfo-12-150400.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-18-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_29-debugsource-14-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_26-debugsource-18-150500.2.1 * kernel-livepatch-5_14_21-150500_55_121-default-11-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_27-debugsource-17-150500.2.1 *
kernel-livepatch-5_14_21-150500_55_121-default-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-17-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-14-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_30-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-17-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-18-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-14-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_103-default-debuginfo-18-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_26-debugsource-18-150500.2.1 * kernel-livepatch-5_14_21-150500_55_121-default-11-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_27-debugsource-17-150500.2.1 * kernel-livepatch-5_14_21-150500_55_121-default-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-debuginfo-17-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-debuginfo-14-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_30-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_55_110-default-17-150500.2.1 * kernel-livepatch-5_14_21-150500_55_103-default-18-150500.2.1 * kernel-livepatch-5_14_21-150500_55_116-default-14-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x) * kernel-livepatch-SLE15-SP5_Update_29-debugsource-14-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258073 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * 
https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 From null at suse.de Thu May 7 16:30:20 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:30:20 -0000 Subject: SUSE-SU-2026:1736-1: important: Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP6) Message-ID: <177817142036.210.6967280870768007396@2df5abbbd056> # Security update for the Linux Kernel (Live Patch 22 for SUSE Linux Enterprise 15 SP6) Announcement ID: SUSE-SU-2026:1736-1 Release Date: 2026-05-07T02:35:14Z Rating: important References: * bsc#1263689 Cross-References: * CVE-2026-31431 CVSS scores: * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.95 fixes one security issue The following security issue was fixed: * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1737=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-1736=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1730=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1730=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1736=1 SUSE-2026-1737=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_197-default-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_197-default-debuginfo-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_200-default-2-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_50-debugsource-2-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_49-debugsource-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_200-default-debuginfo-2-150400.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_95-default-debuginfo-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_95-default-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_22-debugsource-2-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_95-default-debuginfo-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_95-default-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_22-debugsource-2-150600.2.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_197-default-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_197-default-debuginfo-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_200-default-2-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_50-debugsource-2-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_49-debugsource-2-150400.2.1 * kernel-livepatch-5_14_21-150400_24_200-default-debuginfo-2-150400.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31431.html *
https://bugzilla.suse.com/show_bug.cgi?id=1263689 From null at suse.de Thu May 7 16:30:29 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:30:29 -0000 Subject: SUSE-SU-2026:1728-1: important: Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise 15 SP6) Message-ID: <177817142904.210.5713397329951441343@2df5abbbd056> # Security update for the Linux Kernel (Live Patch 17 for SUSE Linux Enterprise 15 SP6) Announcement ID: SUSE-SU-2026:1728-1 Release Date: 2026-05-06T21:38:02Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux
Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.78 fixes various security issues The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1728=1 SUSE-2026-1729=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1728=1 SUSE-SLE-Module-Live-Patching-15-SP6-2026-1729=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_73-default-debuginfo-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_78-default-5-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_17-debugsource-5-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_16-debugsource-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_73-default-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_78-default-debuginfo-5-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_73-default-debuginfo-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_78-default-5-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_17-debugsource-5-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_16-debugsource-7-150600.2.1 *
kernel-livepatch-6_4_0-150600_23_73-default-7-150600.2.1 * kernel-livepatch-6_4_0-150600_23_78-default-debuginfo-5-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 From null at suse.de Thu May 7 16:30:37 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:30:37 -0000 Subject: SUSE-SU-2026:1735-1: important: Security update for the Linux Kernel (Live Patch 20 for SUSE Linux Enterprise 15 SP6) Message-ID: <177817143701.210.6302613831016998870@2df5abbbd056> # Security update for the Linux Kernel (Live Patch 20 for SUSE Linux Enterprise 15 SP6) Announcement ID: SUSE-SU-2026:1735-1 Release Date: 2026-05-07T02:34:47Z Rating: important References: * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H *
CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.87 fixes various security issues The following security issues were fixed: * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1727=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1735=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1735=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1727=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_20-debugsource-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_87-default-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_87-default-debuginfo-4-150600.2.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_194-default-debuginfo-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_48-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_194-default-4-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_194-default-debuginfo-4-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_48-debugsource-4-150400.2.1 * kernel-livepatch-5_14_21-150400_24_194-default-4-150400.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_20-debugsource-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_87-default-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_87-default-debuginfo-4-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu May 7 16:30:41 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:30:41 -0000 Subject: SUSE-SU-2026:1751-1: important: Security update for jetty-minimal Message-ID: <177817144153.210.12023548629659923540@2df5abbbd056> # Security update for jetty-minimal Announcement ID: SUSE-SU-2026:1751-1 Release Date: 2026-05-07T11:53:45Z Rating: important References: * bsc#1261997 * bsc#1262115 Cross-References: * CVE-2026-2332 * CVE-2026-5795 CVSS scores: * CVE-2026-2332 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-2332 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-2332 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-5795 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-5795 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-5795 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * Development Tools Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 
15 15-SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for jetty-minimal fixes the following issues: * CVE-2026-2332: In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funky chunks" techniques (bsc#1262115). * CVE-2026-5795: Fixed JaspiAuthenticator broken access control (bsc#1261997). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-1751=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1751=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1751=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1751=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1751=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1751=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1751=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1751=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1751=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1751=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1751=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch 
SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1751=1 ## Package List: * Development Tools Module 15-SP7 (noarch) * jetty-http-9.4.58-150200.3.40.1 * jetty-security-9.4.58-150200.3.40.1 * jetty-servlet-9.4.58-150200.3.40.1 * jetty-io-9.4.58-150200.3.40.1 * jetty-util-9.4.58-150200.3.40.1 * jetty-util-ajax-9.4.58-150200.3.40.1 * jetty-server-9.4.58-150200.3.40.1 * SUSE Package Hub 15 15-SP7 (noarch) * jetty-continuation-9.4.58-150200.3.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * jetty-http-9.4.58-150200.3.40.1 * jetty-security-9.4.58-150200.3.40.1 * jetty-servlet-9.4.58-150200.3.40.1 * jetty-io-9.4.58-150200.3.40.1 * jetty-util-9.4.58-150200.3.40.1 * jetty-util-ajax-9.4.58-150200.3.40.1 * jetty-server-9.4.58-150200.3.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * jetty-http-9.4.58-150200.3.40.1 * jetty-security-9.4.58-150200.3.40.1 * jetty-servlet-9.4.58-150200.3.40.1 * jetty-io-9.4.58-150200.3.40.1 * jetty-util-9.4.58-150200.3.40.1 * jetty-util-ajax-9.4.58-150200.3.40.1 * jetty-server-9.4.58-150200.3.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * jetty-http-9.4.58-150200.3.40.1 * jetty-security-9.4.58-150200.3.40.1 * jetty-servlet-9.4.58-150200.3.40.1 * jetty-io-9.4.58-150200.3.40.1 * jetty-util-9.4.58-150200.3.40.1 * jetty-util-ajax-9.4.58-150200.3.40.1 * jetty-server-9.4.58-150200.3.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * jetty-http-9.4.58-150200.3.40.1 * jetty-security-9.4.58-150200.3.40.1 * jetty-servlet-9.4.58-150200.3.40.1 * jetty-io-9.4.58-150200.3.40.1 * jetty-util-9.4.58-150200.3.40.1 * jetty-util-ajax-9.4.58-150200.3.40.1 * jetty-server-9.4.58-150200.3.40.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * jetty-http-9.4.58-150200.3.40.1 * jetty-security-9.4.58-150200.3.40.1 * jetty-servlet-9.4.58-150200.3.40.1 * jetty-io-9.4.58-150200.3.40.1 * jetty-util-9.4.58-150200.3.40.1 * jetty-util-ajax-9.4.58-150200.3.40.1 * 
jetty-server-9.4.58-150200.3.40.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * jetty-http-9.4.58-150200.3.40.1 * jetty-security-9.4.58-150200.3.40.1 * jetty-servlet-9.4.58-150200.3.40.1 * jetty-io-9.4.58-150200.3.40.1 * jetty-util-9.4.58-150200.3.40.1 * jetty-util-ajax-9.4.58-150200.3.40.1 * jetty-server-9.4.58-150200.3.40.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * jetty-http-9.4.58-150200.3.40.1 * jetty-security-9.4.58-150200.3.40.1 * jetty-servlet-9.4.58-150200.3.40.1 * jetty-io-9.4.58-150200.3.40.1 * jetty-util-9.4.58-150200.3.40.1 * jetty-util-ajax-9.4.58-150200.3.40.1 * jetty-server-9.4.58-150200.3.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * jetty-http-9.4.58-150200.3.40.1 * jetty-security-9.4.58-150200.3.40.1 * jetty-servlet-9.4.58-150200.3.40.1 * jetty-io-9.4.58-150200.3.40.1 * jetty-util-9.4.58-150200.3.40.1 * jetty-util-ajax-9.4.58-150200.3.40.1 * jetty-server-9.4.58-150200.3.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * jetty-http-9.4.58-150200.3.40.1 * jetty-security-9.4.58-150200.3.40.1 * jetty-servlet-9.4.58-150200.3.40.1 * jetty-io-9.4.58-150200.3.40.1 * jetty-util-9.4.58-150200.3.40.1 * jetty-util-ajax-9.4.58-150200.3.40.1 * jetty-server-9.4.58-150200.3.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * jetty-http-9.4.58-150200.3.40.1 * jetty-security-9.4.58-150200.3.40.1 * jetty-servlet-9.4.58-150200.3.40.1 * jetty-io-9.4.58-150200.3.40.1 * jetty-util-9.4.58-150200.3.40.1 * jetty-util-ajax-9.4.58-150200.3.40.1 * jetty-server-9.4.58-150200.3.40.1 ## References: * https://www.suse.com/security/cve/CVE-2026-2332.html * https://www.suse.com/security/cve/CVE-2026-5795.html * https://bugzilla.suse.com/show_bug.cgi?id=1261997 * https://bugzilla.suse.com/show_bug.cgi?id=1262115 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu May 7 16:30:44 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:30:44 -0000 Subject: SUSE-SU-2026:1750-1: important: Security update for librsvg Message-ID: <177817144453.210.240789288283463575@2df5abbbd056> # Security update for librsvg Announcement ID: SUSE-SU-2026:1750-1 Release Date: 2026-05-07T11:52:26Z Rating: important References: * bsc#1257922 Cross-References: * CVE-2026-25727 CVSS scores: * CVE-2026-25727 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-25727 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-25727 ( NVD ): 6.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-25727 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP7 * Desktop Applications Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for librsvg fixes the following issue: * CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257922). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1750=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1750=1 * Desktop Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-1750=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1750=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1750=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * rsvg-convert-debuginfo-2.57.4-150600.3.8.2 * rsvg-convert-2.57.4-150600.3.8.2 * librsvg-debugsource-2.57.4-150600.3.8.2 * gdk-pixbuf-loader-rsvg-2.57.4-150600.3.8.2 * librsvg-2-2-debuginfo-2.57.4-150600.3.8.2 * gdk-pixbuf-loader-rsvg-debuginfo-2.57.4-150600.3.8.2 * librsvg-devel-2.57.4-150600.3.8.2 * typelib-1_0-Rsvg-2_0-2.57.4-150600.3.8.2 * librsvg-2-2-2.57.4-150600.3.8.2 * openSUSE Leap 15.6 (noarch) * rsvg-thumbnailer-2.57.4-150600.3.8.2 * openSUSE Leap 15.6 (aarch64_ilp32) * librsvg-2-2-64bit-debuginfo-2.57.4-150600.3.8.2 * gdk-pixbuf-loader-rsvg-64bit-debuginfo-2.57.4-150600.3.8.2 * gdk-pixbuf-loader-rsvg-64bit-2.57.4-150600.3.8.2 * librsvg-2-2-64bit-2.57.4-150600.3.8.2 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * librsvg-debugsource-2.57.4-150600.3.8.2 * gdk-pixbuf-loader-rsvg-2.57.4-150600.3.8.2 * librsvg-2-2-debuginfo-2.57.4-150600.3.8.2 * gdk-pixbuf-loader-rsvg-debuginfo-2.57.4-150600.3.8.2 * librsvg-2-2-2.57.4-150600.3.8.2 * Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * typelib-1_0-Rsvg-2_0-2.57.4-150600.3.8.2 * librsvg-devel-2.57.4-150600.3.8.2 * librsvg-debugsource-2.57.4-150600.3.8.2 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * librsvg-debugsource-2.57.4-150600.3.8.2 * gdk-pixbuf-loader-rsvg-2.57.4-150600.3.8.2 * librsvg-2-2-debuginfo-2.57.4-150600.3.8.2 * 
gdk-pixbuf-loader-rsvg-debuginfo-2.57.4-150600.3.8.2 * librsvg-devel-2.57.4-150600.3.8.2 * typelib-1_0-Rsvg-2_0-2.57.4-150600.3.8.2 * librsvg-2-2-2.57.4-150600.3.8.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * librsvg-debugsource-2.57.4-150600.3.8.2 * gdk-pixbuf-loader-rsvg-2.57.4-150600.3.8.2 * librsvg-2-2-debuginfo-2.57.4-150600.3.8.2 * gdk-pixbuf-loader-rsvg-debuginfo-2.57.4-150600.3.8.2 * librsvg-devel-2.57.4-150600.3.8.2 * typelib-1_0-Rsvg-2_0-2.57.4-150600.3.8.2 * librsvg-2-2-2.57.4-150600.3.8.2 ## References: * https://www.suse.com/security/cve/CVE-2026-25727.html * https://bugzilla.suse.com/show_bug.cgi?id=1257922 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 7 16:31:01 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:31:01 -0000 Subject: SUSE-SU-2026:1749-1: moderate: Security update for webkit2gtk3 Message-ID: <177817146102.210.2152685032235036579@2df5abbbd056> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2026:1749-1 Release Date: 2026-05-07T10:49:01Z Rating: moderate References: * bsc#1261172 * bsc#1261173 * bsc#1261174 * bsc#1261175 * bsc#1261176 * bsc#1261177 * bsc#1261178 * bsc#1261179 Cross-References: * CVE-2026-20643 * CVE-2026-20664 * CVE-2026-20665 * CVE-2026-20691 * CVE-2026-28857 * CVE-2026-28859 * CVE-2026-28861 * CVE-2026-28871 CVSS scores: * CVE-2026-20643 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-20643 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-20664 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-20664 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2026-20665 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2026-20665 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-20691 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-20691 ( NVD ): 4.3 
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-28857 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-28857 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-28859 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-28859 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-28861 ( SUSE ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N * CVE-2026-28861 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-28871 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-28871 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.4 An update that solves eight vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.52.1. Security issues fixed: * CVE-2026-20643: processing maliciously crafted web content may bypass Same Origin Policy (bsc#1261172). * CVE-2026-20664: processing maliciously crafted web content may lead to an unexpected process crash (bsc#1261173). * CVE-2026-20665: processing maliciously crafted web content may prevent Content Security Policy from being enforced (bsc#1261174). * CVE-2026-20691: a maliciously crafted webpage may be able to fingerprint the user (bsc#1261175). * CVE-2026-28857: processing maliciously crafted web content may lead to an unexpected process crash (bsc#1261176). * CVE-2026-28859: a malicious website may be able to process restricted web content outside the sandbox (bsc#1261177). * CVE-2026-28861: a malicious website may be able to access script message handlers intended for other origins (bsc#1261178). * CVE-2026-28871: visiting a maliciously crafted website may lead to a cross-site scripting attack (bsc#1261179). Other updates and bugfixes: * Reduce the amount of useless MPRIS notifications produced by MediaSession when the information about media being played is incomplete.
* Support turning off USE_GSTREAMER to configure the build with all multimedia features disabled. * Add Sysprof marks for mouse events. * Fix MediaSession icon for iheart.com not being displayed. * Fix the build with USE_GSTREAMER_GL disabled. * Fix the build with librice version 0.3.0 or newer. * Fix several crashes and rendering issues. * Translation updates: Georgian. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1749=1 ## Package List: * openSUSE Leap 15.4 (noarch) * WebKitGTK-4.1-lang-2.52.1-150400.4.140.2 * WebKitGTK-6.0-lang-2.52.1-150400.4.140.2 * WebKitGTK-4.0-lang-2.52.1-150400.4.140.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * webkit-jsc-4-debuginfo-2.52.1-150400.4.140.2 * typelib-1_0-JavaScriptCore-4_0-2.52.1-150400.4.140.2 * webkit2gtk4-minibrowser-2.52.1-150400.4.140.2 * webkit2gtk-4_0-injected-bundles-2.52.1-150400.4.140.2 * libwebkitgtk-6_0-4-debuginfo-2.52.1-150400.4.140.2 * webkit2gtk4-debugsource-2.52.1-150400.4.140.2 * typelib-1_0-WebKit2-4_0-2.52.1-150400.4.140.2 * webkit2gtk4-devel-2.52.1-150400.4.140.2 * webkit-jsc-4-2.52.1-150400.4.140.2 * webkit2gtk3-soup2-minibrowser-debuginfo-2.52.1-150400.4.140.2 * typelib-1_0-JavaScriptCore-6_0-2.52.1-150400.4.140.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.52.1-150400.4.140.2 * webkit2gtk3-soup2-minibrowser-2.52.1-150400.4.140.2 * typelib-1_0-JavaScriptCore-4_1-2.52.1-150400.4.140.2 * libjavascriptcoregtk-4_1-0-2.52.1-150400.4.140.2 * libjavascriptcoregtk-6_0-1-2.52.1-150400.4.140.2 * webkit2gtk3-devel-2.52.1-150400.4.140.2 * typelib-1_0-WebKit2WebExtension-4_1-2.52.1-150400.4.140.2 * libwebkit2gtk-4_0-37-debuginfo-2.52.1-150400.4.140.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.52.1-150400.4.140.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.52.1-150400.4.140.2 * 
webkitgtk-6_0-injected-bundles-debuginfo-2.52.1-150400.4.140.2 * webkit-jsc-4.1-debuginfo-2.52.1-150400.4.140.2 * webkit-jsc-6.0-debuginfo-2.52.1-150400.4.140.2 * webkit2gtk3-soup2-debugsource-2.52.1-150400.4.140.2 * libjavascriptcoregtk-4_0-18-2.52.1-150400.4.140.2 * libwebkitgtk-6_0-4-2.52.1-150400.4.140.2 * libwebkit2gtk-4_1-0-2.52.1-150400.4.140.2 * webkit2gtk4-minibrowser-debuginfo-2.52.1-150400.4.140.2 * libwebkit2gtk-4_0-37-2.52.1-150400.4.140.2 * libwebkit2gtk-4_1-0-debuginfo-2.52.1-150400.4.140.2 * webkit2gtk-4_1-injected-bundles-2.52.1-150400.4.140.2 * typelib-1_0-WebKit2-4_1-2.52.1-150400.4.140.2 * typelib-1_0-WebKit-6_0-2.52.1-150400.4.140.2 * typelib-1_0-WebKitWebProcessExtension-6_0-2.52.1-150400.4.140.2 * webkitgtk-6_0-injected-bundles-2.52.1-150400.4.140.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.52.1-150400.4.140.2 * webkit2gtk3-minibrowser-2.52.1-150400.4.140.2 * typelib-1_0-WebKit2WebExtension-4_0-2.52.1-150400.4.140.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.52.1-150400.4.140.2 * webkit-jsc-4.1-2.52.1-150400.4.140.2 * webkit2gtk3-debugsource-2.52.1-150400.4.140.2 * webkit2gtk3-minibrowser-debuginfo-2.52.1-150400.4.140.2 * webkit2gtk3-soup2-devel-2.52.1-150400.4.140.2 * webkit-jsc-6.0-2.52.1-150400.4.140.2 * openSUSE Leap 15.4 (x86_64) * libwebkit2gtk-4_0-37-32bit-debuginfo-2.52.1-150400.4.140.2 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.52.1-150400.4.140.2 * libwebkit2gtk-4_1-0-32bit-2.52.1-150400.4.140.2 * libjavascriptcoregtk-4_0-18-32bit-2.52.1-150400.4.140.2 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.52.1-150400.4.140.2 * libjavascriptcoregtk-4_1-0-32bit-2.52.1-150400.4.140.2 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.52.1-150400.4.140.2 * libwebkit2gtk-4_0-37-32bit-2.52.1-150400.4.140.2 * openSUSE Leap 15.4 (aarch64_ilp32) * libwebkit2gtk-4_0-37-64bit-2.52.1-150400.4.140.2 * libjavascriptcoregtk-4_1-0-64bit-2.52.1-150400.4.140.2 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.52.1-150400.4.140.2 * 
libwebkit2gtk-4_0-37-64bit-debuginfo-2.52.1-150400.4.140.2 * libjavascriptcoregtk-4_0-18-64bit-2.52.1-150400.4.140.2 * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.52.1-150400.4.140.2 * libwebkit2gtk-4_1-0-64bit-2.52.1-150400.4.140.2 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.52.1-150400.4.140.2 ## References: * https://www.suse.com/security/cve/CVE-2026-20643.html * https://www.suse.com/security/cve/CVE-2026-20664.html * https://www.suse.com/security/cve/CVE-2026-20665.html * https://www.suse.com/security/cve/CVE-2026-20691.html * https://www.suse.com/security/cve/CVE-2026-28857.html * https://www.suse.com/security/cve/CVE-2026-28859.html * https://www.suse.com/security/cve/CVE-2026-28861.html * https://www.suse.com/security/cve/CVE-2026-28871.html * https://bugzilla.suse.com/show_bug.cgi?id=1261172 * https://bugzilla.suse.com/show_bug.cgi?id=1261173 * https://bugzilla.suse.com/show_bug.cgi?id=1261174 * https://bugzilla.suse.com/show_bug.cgi?id=1261175 * https://bugzilla.suse.com/show_bug.cgi?id=1261176 * https://bugzilla.suse.com/show_bug.cgi?id=1261177 * https://bugzilla.suse.com/show_bug.cgi?id=1261178 * https://bugzilla.suse.com/show_bug.cgi?id=1261179 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu May 7 16:31:04 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:31:04 -0000 Subject: SUSE-RU-2026:1472-2: important: Recommended update for grub2 Message-ID: <177817146495.210.12439045967247051906@2df5abbbd056> # Recommended update for grub2 Announcement ID: SUSE-RU-2026:1472-2 Release Date: 2026-05-07T08:43:08Z Rating: important References: * bsc#1259543 Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for grub2 fixes the following issues: * Fix double free in xen booting if root filesystem is Btrfs (bsc#1259543) * btrfs: add ability to boot from subvolumes * btrfs: get default subvolume ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1472=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1472=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1472=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1472=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * grub2-2.06-150500.29.65.1 * grub2-debugsource-2.06-150500.29.65.1 * grub2-debuginfo-2.06-150500.29.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * grub2-systemd-sleep-plugin-2.06-150500.29.65.1 * grub2-i386-pc-2.06-150500.29.65.1 * grub2-snapper-plugin-2.06-150500.29.65.1 * grub2-x86_64-efi-2.06-150500.29.65.1 * grub2-arm64-efi-2.06-150500.29.65.1 * grub2-x86_64-xen-2.06-150500.29.65.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * grub2-2.06-150500.29.65.1 * grub2-debuginfo-2.06-150500.29.65.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * grub2-systemd-sleep-plugin-2.06-150500.29.65.1 * grub2-i386-pc-2.06-150500.29.65.1 * grub2-snapper-plugin-2.06-150500.29.65.1 * grub2-arm64-efi-2.06-150500.29.65.1 * grub2-x86_64-efi-2.06-150500.29.65.1 * grub2-powerpc-ieee1275-2.06-150500.29.65.1 * grub2-x86_64-xen-2.06-150500.29.65.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 s390x x86_64) * grub2-debugsource-2.06-150500.29.65.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (s390x) * grub2-s390x-emu-2.06-150500.29.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * grub2-2.06-150500.29.65.1 * grub2-debuginfo-2.06-150500.29.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * 
grub2-systemd-sleep-plugin-2.06-150500.29.65.1 * grub2-i386-pc-2.06-150500.29.65.1 * grub2-snapper-plugin-2.06-150500.29.65.1 * grub2-x86_64-efi-2.06-150500.29.65.1 * grub2-powerpc-ieee1275-2.06-150500.29.65.1 * grub2-x86_64-xen-2.06-150500.29.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * grub2-debugsource-2.06-150500.29.65.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * grub2-2.06-150500.29.65.1 * grub2-debugsource-2.06-150500.29.65.1 * grub2-debuginfo-2.06-150500.29.65.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * grub2-systemd-sleep-plugin-2.06-150500.29.65.1 * grub2-i386-pc-2.06-150500.29.65.1 * grub2-snapper-plugin-2.06-150500.29.65.1 * grub2-x86_64-efi-2.06-150500.29.65.1 * grub2-arm64-efi-2.06-150500.29.65.1 * grub2-x86_64-xen-2.06-150500.29.65.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1259543 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu May 7 16:31:19 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:31:19 -0000 Subject: SUSE-SU-2026:1745-1: important: Security update for rmt-server Message-ID: <177817147970.210.16411994777811021790@2df5abbbd056> # Security update for rmt-server Announcement ID: SUSE-SU-2026:1745-1 Release Date: 2026-05-07T07:22:43Z Rating: important References: * bsc#1261388 * bsc#1261398 * bsc#1261406 * bsc#1261417 * bsc#1261426 * bsc#1261436 * bsc#1261447 * bsc#1261458 * bsc#1261466 * bsc#1261471 Cross-References: * CVE-2026-26961 * CVE-2026-26962 * CVE-2026-34230 * CVE-2026-34763 * CVE-2026-34785 * CVE-2026-34786 * CVE-2026-34826 * CVE-2026-34829 * CVE-2026-34830 * CVE-2026-34831 CVSS scores: * CVE-2026-26961 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-26961 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-26961 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-26961 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-26962 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-26962 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-26962 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-26962 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-34230 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-34230 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-34230 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34230 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-34763 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-34763 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-34763 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-34785 ( SUSE ): 8.7 
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-34785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-34785 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-34786 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-34786 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-34786 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-34826 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-34826 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-34826 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34826 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-34829 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34829 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34829 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34830 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-34830 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-34830 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-34830 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-34831 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-34831 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-34831 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-34831 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Public Cloud Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves 10 vulnerabilities can now be installed. 
## Description: This update for rmt-server fixes the following issues: Update to version 2.27. Security issues fixed: * CVE-2026-26961: rack: greedy multipart boundary parsing can lead to parser differentials and WAF bypass (bsc#1261398). * CVE-2026-26962: rack: improper unfolding of folded multipart headers can lead to downstream header injection and response splitting (bsc#1261471). * CVE-2026-34763: rack: unescaped regex interpolation of configured root path can lead to root directory disclosure (bsc#1261406). * CVE-2026-34785: rack: prefix matching logic can lead to the exposure of unintended files under the static root (bsc#1261417). * CVE-2026-34786: rack: URL-encoded path mismatch can lead to `header_rules` bypass (bsc#1261426). * CVE-2026-34826: rack: missing individual byte range limit checks when parsing HTTP `Range` headers can lead to excessive resource consumption and a denial of service (bsc#1261436). * CVE-2026-34829: rack: multipart parsing without `Content-Length` header can lead to unbounded chunked file uploads and a denial of service (bsc#1261447). * CVE-2026-34230: rack: quadratic complexity when processing wildcard `Accept-Encoding` headers can lead to a denial of service (bsc#1261388). * CVE-2026-34830: rack: improper sanitization of the `X-Accel-Mapping` request header can lead to the exposure of unintended files via `X-Accel-Redirect` (bsc#1261458). * CVE-2026-34831: rack: `Content-Length` header and body byte size mismatch when creating error responses can lead to incorrect HTTP response framing (bsc#1261466). Other updates and bugfixes: * Fix ReDoS in `Addressable`. * Fix out-of-bounds read in `rdiscount`. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2026-1745=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-1745=1 ## Package List: * Public Cloud Module 15-SP7 (aarch64 ppc64le s390x x86_64) * rmt-server-debuginfo-2.27-150700.3.20.1 * rmt-server-pubcloud-2.27-150700.3.20.1 * rmt-server-debugsource-2.27-150700.3.20.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * rmt-server-config-2.27-150700.3.20.1 * rmt-server-debuginfo-2.27-150700.3.20.1 * rmt-server-debugsource-2.27-150700.3.20.1 * rmt-server-2.27-150700.3.20.1 ## References: * https://www.suse.com/security/cve/CVE-2026-26961.html * https://www.suse.com/security/cve/CVE-2026-26962.html * https://www.suse.com/security/cve/CVE-2026-34230.html * https://www.suse.com/security/cve/CVE-2026-34763.html * https://www.suse.com/security/cve/CVE-2026-34785.html * https://www.suse.com/security/cve/CVE-2026-34786.html * https://www.suse.com/security/cve/CVE-2026-34826.html * https://www.suse.com/security/cve/CVE-2026-34829.html * https://www.suse.com/security/cve/CVE-2026-34830.html * https://www.suse.com/security/cve/CVE-2026-34831.html * https://bugzilla.suse.com/show_bug.cgi?id=1261388 * https://bugzilla.suse.com/show_bug.cgi?id=1261398 * https://bugzilla.suse.com/show_bug.cgi?id=1261406 * https://bugzilla.suse.com/show_bug.cgi?id=1261417 * https://bugzilla.suse.com/show_bug.cgi?id=1261426 * https://bugzilla.suse.com/show_bug.cgi?id=1261436 * https://bugzilla.suse.com/show_bug.cgi?id=1261447 * https://bugzilla.suse.com/show_bug.cgi?id=1261458 * https://bugzilla.suse.com/show_bug.cgi?id=1261466 * https://bugzilla.suse.com/show_bug.cgi?id=1261471 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu May 7 16:31:23 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:31:23 -0000 Subject: SUSE-SU-2026:1744-1: moderate: Security update for python-pytest Message-ID: <177817148352.210.11536520219648680945@2df5abbbd056> # Security update for python-pytest Announcement ID: SUSE-SU-2026:1744-1 Release Date: 2026-05-07T07:17:07Z Rating: moderate References: * bsc#1257090 Cross-References: * CVE-2025-71176 CVSS scores: * CVE-2025-71176 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L * CVE-2025-71176 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L * CVE-2025-71176 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L Affected Products: * openSUSE Leap 15.4 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for python-pytest fixes the following issue * CVE-2025-71176: a TOCTOU race condition can cause a denial of service or possibly gain privileges (bsc#1257090). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1744=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-1744=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-pytest-8.3.5-150400.3.15.1 * Python 3 Module 15-SP7 (noarch) * python311-pytest-8.3.5-150400.3.15.1 ## References: * https://www.suse.com/security/cve/CVE-2025-71176.html * https://bugzilla.suse.com/show_bug.cgi?id=1257090 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu May 7 16:31:31 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:31:31 -0000 Subject: SUSE-SU-2026:1743-1: important: Security update for xen Message-ID: <177817149124.210.3359761140702736443@2df5abbbd056> # Security update for xen Announcement ID: SUSE-SU-2026:1743-1 Release Date: 2026-05-07T07:15:57Z Rating: important References: * bsc#1027519 * bsc#1262178 * bsc#1262180 * bsc#1262428 * jsc#PED-8907 Cross-References: * CVE-2025-54505 * CVE-2026-23557 * CVE-2026-23558 CVSS scores: * CVE-2025-54505 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-54505 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2025-54505 ( NVD ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-23557 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2026-23558 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23558 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities, contains one feature and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * Update to Xen 4.20.3 bug fix release (bsc#1027519) (jsc#PED-8907). * CVE-2025-54505: Floating Point Divider State Sampling on AMD CPUs AMD-SN-7053 (bsc#1262428). * CVE-2026-23557: Xenstored DoS via XS_RESET_WATCHES command (bsc#1262178). * CVE-2026-23558: grant table v2 race in status page mapping (bsc#1262180). 
## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1743=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-1743=1 ## Package List: * Basesystem Module 15-SP7 (x86_64) * xen-libs-debuginfo-4.20.3_02-150700.3.33.1 * xen-debugsource-4.20.3_02-150700.3.33.1 * xen-tools-domU-4.20.3_02-150700.3.33.1 * xen-tools-domU-debuginfo-4.20.3_02-150700.3.33.1 * xen-libs-4.20.3_02-150700.3.33.1 * Server Applications Module 15-SP7 (x86_64) * xen-tools-4.20.3_02-150700.3.33.1 * xen-4.20.3_02-150700.3.33.1 * xen-debugsource-4.20.3_02-150700.3.33.1 * xen-tools-debuginfo-4.20.3_02-150700.3.33.1 * xen-devel-4.20.3_02-150700.3.33.1 * Server Applications Module 15-SP7 (noarch) * xen-tools-xendomains-wait-disk-4.20.3_02-150700.3.33.1 ## References: * https://www.suse.com/security/cve/CVE-2025-54505.html * https://www.suse.com/security/cve/CVE-2026-23557.html * https://www.suse.com/security/cve/CVE-2026-23558.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1262178 * https://bugzilla.suse.com/show_bug.cgi?id=1262180 * https://bugzilla.suse.com/show_bug.cgi?id=1262428 * https://jira.suse.com/browse/PED-8907 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu May 7 16:31:37 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:31:37 -0000 Subject: SUSE-SU-2026:1742-1: important: Security update for mozjs52 Message-ID: <177817149705.210.3481790175315646891@2df5abbbd056> # Security update for mozjs52 Announcement ID: SUSE-SU-2026:1742-1 Release Date: 2026-05-07T07:15:49Z Rating: important References: * bsc#1259713 * bsc#1259728 * bsc#1259731 Cross-References: * CVE-2026-32776 * CVE-2026-32777 * CVE-2026-32778 CVSS scores: * CVE-2026-32776 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-32776 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32776 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-32776 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32777 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-32777 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32777 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-32777 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32778 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-32778 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32778 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-32778 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for mozjs52 fixes the following issues * CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value (bsc#1259728). 
* CVE-2026-32777: libexpat: denial of service due to infinite loop in DTD content parsing (bsc#1259713). * CVE-2026-32778: libexpat: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259731). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1742=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x x86_64) * mozjs52-debuginfo-52.6.0-150000.3.12.1 * mozjs52-debugsource-52.6.0-150000.3.12.1 * libmozjs-52-52.6.0-150000.3.12.1 * libmozjs-52-debuginfo-52.6.0-150000.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2026-32776.html * https://www.suse.com/security/cve/CVE-2026-32777.html * https://www.suse.com/security/cve/CVE-2026-32778.html * https://bugzilla.suse.com/show_bug.cgi?id=1259713 * https://bugzilla.suse.com/show_bug.cgi?id=1259728 * https://bugzilla.suse.com/show_bug.cgi?id=1259731 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu May 7 16:31:41 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:31:41 -0000 Subject: SUSE-SU-2026:1741-1: important: Security update for MozillaThunderbird Message-ID: <177817150125.210.12685590096305163738@2df5abbbd056> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2026:1741-1 Release Date: 2026-05-07T07:01:07Z Rating: important References: * bsc#1262230 * bsc#1263110 Cross-References: * CVE-2026-6746 * CVE-2026-6747 * CVE-2026-6748 * CVE-2026-6749 * CVE-2026-6750 * CVE-2026-6751 * CVE-2026-6752 * CVE-2026-6753 * CVE-2026-6754 * CVE-2026-6757 * CVE-2026-6759 * CVE-2026-6761 * CVE-2026-6762 * CVE-2026-6763 * CVE-2026-6764 * CVE-2026-6765 * CVE-2026-6766 * CVE-2026-6767 * CVE-2026-6769 * CVE-2026-6770 * CVE-2026-6771 * CVE-2026-6772 * CVE-2026-6776 * CVE-2026-6785 * CVE-2026-6786 * CVE-2026-7320 * CVE-2026-7321 * CVE-2026-7322 * CVE-2026-7323 CVSS scores: * CVE-2026-6746 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6747 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6748 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6749 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-6750 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6751 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-6752 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-6753 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-6754 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6757 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-6759 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6761 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6762 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-6763 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-6764 ( NVD ): 6.5 
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2026-6765 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6766 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-6767 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-6769 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6770 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-6771 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6772 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-6776 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-6785 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-6786 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-7320 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-7321 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2026-7322 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2026-7323 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves 29 vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues Updated to Mozilla Thunderbird 140.10.1: MFSA 2026-34 (bsc#1262230): * CVE-2026-6746: Use-after-free in the DOM: Core & HTML component. * CVE-2026-6747: Use-after-free in the WebRTC component. * CVE-2026-6748: Uninitialized memory in the Audio/Video: Web Codecs component. * CVE-2026-6749: Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. * CVE-2026-6750: Privilege escalation in the Graphics: WebRender component. 
* CVE-2026-6751: Uninitialized memory in the Audio/Video: Web Codecs component. * CVE-2026-6752: Incorrect boundary conditions in the WebRTC component. * CVE-2026-6753: Incorrect boundary conditions in the WebRTC component. * CVE-2026-6754: Use-after-free in the JavaScript Engine component. * CVE-2026-6757: Invalid pointer in the JavaScript: WebAssembly component. * CVE-2026-6759: Use-after-free in the Widget: Cocoa component. * CVE-2026-6761: Privilege escalation in the Networking component. * CVE-2026-6762: Spoofing issue in the DOM: Core & HTML component. * CVE-2026-6763: Mitigation bypass in the File Handling component. * CVE-2026-6764: Incorrect boundary conditions in the DOM: Device Interfaces component. * CVE-2026-6765: Information disclosure in the Form Autofill component. * CVE-2026-6766: Incorrect boundary conditions in the Libraries component in NSS. * CVE-2026-6767: Other issue in the Libraries component in NSS. * CVE-2026-6769: Privilege escalation in the Debugger component. * CVE-2026-6770: Other issue in the Storage: IndexedDB component. * CVE-2026-6771: Mitigation bypass in the DOM: Security component. * CVE-2026-6772: Incorrect boundary conditions in the Libraries component in NSS. * CVE-2026-6776: Incorrect boundary conditions in the WebRTC: Networking component. * CVE-2026-6785: Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150. * CVE-2026-6786: Memory safety bugs fixed in Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150. MFSA 2026-39 (bsc#1263110): * CVE-2026-7320: Information disclosure due to incorrect boundary conditions in the Audio/Video component. * CVE-2026-7321: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. * CVE-2026-7322: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1. * CVE-2026-7323: Memory safety bugs fixed in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1. 
Other updates and bugfixes: * Fixed: Newly translated strings were not available in Thunderbird. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1741=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-1741=1 ## Package List: * SUSE Package Hub 15 15-SP7 (aarch64 ppc64le s390x) * MozillaThunderbird-debuginfo-140.10.1-150200.8.271.1 * MozillaThunderbird-debugsource-140.10.1-150200.8.271.1 * MozillaThunderbird-translations-other-140.10.1-150200.8.271.1 * MozillaThunderbird-140.10.1-150200.8.271.1 * MozillaThunderbird-translations-common-140.10.1-150200.8.271.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * MozillaThunderbird-debuginfo-140.10.1-150200.8.271.1 * MozillaThunderbird-debugsource-140.10.1-150200.8.271.1 * MozillaThunderbird-translations-other-140.10.1-150200.8.271.1 * MozillaThunderbird-140.10.1-150200.8.271.1 * MozillaThunderbird-translations-common-140.10.1-150200.8.271.1 ## References: * https://www.suse.com/security/cve/CVE-2026-6746.html * https://www.suse.com/security/cve/CVE-2026-6747.html * https://www.suse.com/security/cve/CVE-2026-6748.html * https://www.suse.com/security/cve/CVE-2026-6749.html * https://www.suse.com/security/cve/CVE-2026-6750.html * https://www.suse.com/security/cve/CVE-2026-6751.html * https://www.suse.com/security/cve/CVE-2026-6752.html * https://www.suse.com/security/cve/CVE-2026-6753.html * https://www.suse.com/security/cve/CVE-2026-6754.html * https://www.suse.com/security/cve/CVE-2026-6757.html * https://www.suse.com/security/cve/CVE-2026-6759.html * https://www.suse.com/security/cve/CVE-2026-6761.html * https://www.suse.com/security/cve/CVE-2026-6762.html * 
https://www.suse.com/security/cve/CVE-2026-6763.html * https://www.suse.com/security/cve/CVE-2026-6764.html * https://www.suse.com/security/cve/CVE-2026-6765.html * https://www.suse.com/security/cve/CVE-2026-6766.html * https://www.suse.com/security/cve/CVE-2026-6767.html * https://www.suse.com/security/cve/CVE-2026-6769.html * https://www.suse.com/security/cve/CVE-2026-6770.html * https://www.suse.com/security/cve/CVE-2026-6771.html * https://www.suse.com/security/cve/CVE-2026-6772.html * https://www.suse.com/security/cve/CVE-2026-6776.html * https://www.suse.com/security/cve/CVE-2026-6785.html * https://www.suse.com/security/cve/CVE-2026-6786.html * https://www.suse.com/security/cve/CVE-2026-7320.html * https://www.suse.com/security/cve/CVE-2026-7321.html * https://www.suse.com/security/cve/CVE-2026-7322.html * https://www.suse.com/security/cve/CVE-2026-7323.html * https://bugzilla.suse.com/show_bug.cgi?id=1262230 * https://bugzilla.suse.com/show_bug.cgi?id=1263110 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu May 7 16:31:53 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:31:53 -0000 Subject: SUSE-SU-2026:1740-1: moderate: Security update for python-Django Message-ID: <177817151330.210.276164356853575346@2df5abbbd056> # Security update for python-Django Announcement ID: SUSE-SU-2026:1740-1 Release Date: 2026-05-07T07:00:33Z Rating: moderate References: * bsc#1261722 * bsc#1261724 * bsc#1261729 * bsc#1261731 * bsc#1261732 * bsc#1264152 * bsc#1264153 * bsc#1264154 Cross-References: * CVE-2026-33033 * CVE-2026-33034 * CVE-2026-35192 * CVE-2026-3902 * CVE-2026-4277 * CVE-2026-4292 * CVE-2026-5766 * CVE-2026-6907 CVSS scores: * CVE-2026-33033 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-33033 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-33033 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33034 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-33034 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35192 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-35192 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2026-35192 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-35192 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-3902 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-3902 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-3902 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-4277 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2026-4277 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-4292 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N * 
CVE-2026-4292 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N * CVE-2026-5766 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-5766 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-5766 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-5766 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-6907 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-6907 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-6907 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-6907 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2026-6907 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves eight vulnerabilities can now be installed. ## Description: This update for python-Django fixes the following issues * CVE-2026-3902: headers spoofing by exploiting an ambiguous mapping of two header variants in `ASGIRequest` requests (bsc#1261729). * CVE-2026-4277: permissions on inline model instances were not validated on submission of forged POST data in GenericInlineModelAdmin (bsc#1261731). * CVE-2026-4292: admin changelist forms using ModelAdmin.list_editable incorrectly allowed new instances to be created via forged POST data (bsc#1261732). * CVE-2026-5766: potential denial-of-service vulnerability in ASGI requests via file upload limit bypass (bsc#1264153). 
* CVE-2026-6907: potential exposure of private data due to incorrect handling of `Vary: *` in `UpdateCacheMiddleware` (bsc#1264152). * CVE-2026-33033: denial of service via missing or understated Content-Length header in ASGI requests (bsc#1261722). * CVE-2026-33034: ASGI requests with a missing or understated Content-Length header could bypass the `DATA_UPLOAD_MAX_MEMORY_SIZE` limit when reading HttpRequest.body (bsc#1261724). * CVE-2026-35192: session fixation via public cached pages and `SESSION_SAVE_EVERY_REQUEST` (bsc#1264154). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1740=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1740=1 ## Package List: * openSUSE Leap 15.6 (noarch) * python311-Django-4.2.11-150600.3.56.1 * SUSE Package Hub 15 15-SP7 (noarch) * python311-Django-4.2.11-150600.3.56.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33033.html * https://www.suse.com/security/cve/CVE-2026-33034.html * https://www.suse.com/security/cve/CVE-2026-35192.html * https://www.suse.com/security/cve/CVE-2026-3902.html * https://www.suse.com/security/cve/CVE-2026-4277.html * https://www.suse.com/security/cve/CVE-2026-4292.html * https://www.suse.com/security/cve/CVE-2026-5766.html * https://www.suse.com/security/cve/CVE-2026-6907.html * https://bugzilla.suse.com/show_bug.cgi?id=1261722 * https://bugzilla.suse.com/show_bug.cgi?id=1261724 * https://bugzilla.suse.com/show_bug.cgi?id=1261729 * https://bugzilla.suse.com/show_bug.cgi?id=1261731 * https://bugzilla.suse.com/show_bug.cgi?id=1261732 * https://bugzilla.suse.com/show_bug.cgi?id=1264152 * https://bugzilla.suse.com/show_bug.cgi?id=1264153 * https://bugzilla.suse.com/show_bug.cgi?id=1264154 -------------- next part -------------- An HTML 
attachment was scrubbed... URL: From null at suse.de Thu May 7 16:32:05 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:32:05 -0000 Subject: SUSE-SU-2026:1732-1: important: Security update for java-17-openjdk Message-ID: <177817152590.210.3538208641831697192@2df5abbbd056> # Security update for java-17-openjdk Announcement ID: SUSE-SU-2026:1732-1 Release Date: 2026-05-07T00:43:53Z Rating: important References: * bsc#1259118 * bsc#1262490 * bsc#1262494 * bsc#1262495 * bsc#1262496 * bsc#1262497 * bsc#1262500 * bsc#1262501 * jsc#PED-15898 Cross-References: * CVE-2026-22007 * CVE-2026-22013 * CVE-2026-22016 * CVE-2026-22018 * CVE-2026-22021 * CVE-2026-23865 * CVE-2026-34268 * CVE-2026-34282 CVSS scores: * CVE-2026-22007 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-22007 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-22007 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-22013 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-22013 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-22013 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-22016 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-22016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-22016 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-22018 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-22018 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-22018 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-22021 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-22021 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-22021 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23865 ( SUSE ): 4.6 
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-23865 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-23865 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-34268 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-34268 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-34268 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-34282 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34282 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34282 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Legacy Module 15-SP7 * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves eight vulnerabilities and contains one feature can now be installed. ## Description: This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.19+10 (April 2026 CPU). 
Security issues fixed: * CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of accessible data (bsc#1262490). * CVE-2026-22013: JGSS: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262494). * CVE-2026-22016: JAXP: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262495). * CVE-2026-22018: Libraries: unauthenticated attacker with network access via multiple protocols can cause a partial denial of service (bsc#1262496). * CVE-2026-22021: JSSE: unauthenticated attacker with network access via HTTPS can cause a partial denial of service (bsc#1262497). * CVE-2026-23865: freetype2: integer overflow in the `tt_var_load_item_variation_store` function allows for an out-of-bounds read when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts (bsc#1259118). * CVE-2026-34268: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of data (bsc#1262500). * CVE-2026-34282: Networking: unauthenticated attacker with network access via multiple protocols can cause a hang or frequently repeatable crash (bsc#1262501). Other updates and bugfixes: * Provide the timezone-java and tzdata-java (jsc#PED-15898). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1732=1 * Legacy Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2026-1732=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1732=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1732=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1732=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1732=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1732=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1732=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1732=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1732=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1732=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1732=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2 * java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-src-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-17.0.19.0-150400.3.66.2 * java-17-openjdk-jmods-17.0.19.0-150400.3.66.2 * java-17-openjdk-17.0.19.0-150400.3.66.2 * java-17-openjdk-demo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-17.0.19.0-150400.3.66.2 * 
openSUSE Leap 15.4 (noarch) * java-17-openjdk-javadoc-17.0.19.0-150400.3.66.2 * Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2 * java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-17.0.19.0-150400.3.66.2 * java-17-openjdk-17.0.19.0-150400.3.66.2 * java-17-openjdk-demo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-17.0.19.0-150400.3.66.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2 * java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-17.0.19.0-150400.3.66.2 * java-17-openjdk-17.0.19.0-150400.3.66.2 * java-17-openjdk-demo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-17.0.19.0-150400.3.66.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2 * java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-17.0.19.0-150400.3.66.2 * java-17-openjdk-17.0.19.0-150400.3.66.2 * java-17-openjdk-demo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-17.0.19.0-150400.3.66.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2 * java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-17.0.19.0-150400.3.66.2 * java-17-openjdk-17.0.19.0-150400.3.66.2 * java-17-openjdk-demo-17.0.19.0-150400.3.66.2 * 
java-17-openjdk-headless-17.0.19.0-150400.3.66.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2 * java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-17.0.19.0-150400.3.66.2 * java-17-openjdk-17.0.19.0-150400.3.66.2 * java-17-openjdk-demo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-17.0.19.0-150400.3.66.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2 * java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-17.0.19.0-150400.3.66.2 * java-17-openjdk-17.0.19.0-150400.3.66.2 * java-17-openjdk-demo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-17.0.19.0-150400.3.66.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2 * java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-17.0.19.0-150400.3.66.2 * java-17-openjdk-17.0.19.0-150400.3.66.2 * java-17-openjdk-demo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-17.0.19.0-150400.3.66.2 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2 * java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-17.0.19.0-150400.3.66.2 * java-17-openjdk-17.0.19.0-150400.3.66.2 * java-17-openjdk-demo-17.0.19.0-150400.3.66.2 * 
java-17-openjdk-headless-17.0.19.0-150400.3.66.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2 * java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-17.0.19.0-150400.3.66.2 * java-17-openjdk-17.0.19.0-150400.3.66.2 * java-17-openjdk-demo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-17.0.19.0-150400.3.66.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2 * java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-17.0.19.0-150400.3.66.2 * java-17-openjdk-17.0.19.0-150400.3.66.2 * java-17-openjdk-demo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-17.0.19.0-150400.3.66.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * java-17-openjdk-debugsource-17.0.19.0-150400.3.66.2 * java-17-openjdk-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-debuginfo-17.0.19.0-150400.3.66.2 * java-17-openjdk-devel-17.0.19.0-150400.3.66.2 * java-17-openjdk-17.0.19.0-150400.3.66.2 * java-17-openjdk-demo-17.0.19.0-150400.3.66.2 * java-17-openjdk-headless-17.0.19.0-150400.3.66.2 ## References: * https://www.suse.com/security/cve/CVE-2026-22007.html * https://www.suse.com/security/cve/CVE-2026-22013.html * https://www.suse.com/security/cve/CVE-2026-22016.html * https://www.suse.com/security/cve/CVE-2026-22018.html * https://www.suse.com/security/cve/CVE-2026-22021.html * https://www.suse.com/security/cve/CVE-2026-23865.html * https://www.suse.com/security/cve/CVE-2026-34268.html * https://www.suse.com/security/cve/CVE-2026-34282.html * 
https://bugzilla.suse.com/show_bug.cgi?id=1259118 * https://bugzilla.suse.com/show_bug.cgi?id=1262490 * https://bugzilla.suse.com/show_bug.cgi?id=1262494 * https://bugzilla.suse.com/show_bug.cgi?id=1262495 * https://bugzilla.suse.com/show_bug.cgi?id=1262496 * https://bugzilla.suse.com/show_bug.cgi?id=1262497 * https://bugzilla.suse.com/show_bug.cgi?id=1262500 * https://bugzilla.suse.com/show_bug.cgi?id=1262501 * https://jira.suse.com/browse/PED-15898 From null at suse.de Thu May 7 16:32:18 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 16:32:18 -0000 Subject: SUSE-SU-2026:1731-1: important: Security update for java-11-openjdk Message-ID: <177817153880.210.6368984868451376538@2df5abbbd056> # Security update for java-11-openjdk Announcement ID: SUSE-SU-2026:1731-1 Release Date: 2026-05-07T00:42:28Z Rating: important References: * bsc#1259118 * bsc#1262490 * bsc#1262494 * bsc#1262495 * bsc#1262496 * bsc#1262497 * bsc#1262500 * bsc#1262501 * jsc#PED-15898 Cross-References: * CVE-2026-22007 * CVE-2026-22013 * CVE-2026-22016 * CVE-2026-22018 * CVE-2026-22021 * CVE-2026-23865 * CVE-2026-34268 * CVE-2026-34282 CVSS scores: * CVE-2026-22007 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-22007 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-22007 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-22013 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-22013 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-22013 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2026-22016 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-22016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-22016 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-22018 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-22018 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-22018 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-22021 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-22021 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-22021 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-23865 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2026-23865 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-23865 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2026-34268 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-34268 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-34268 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-34282 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-34282 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-34282 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Legacy Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise 
Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves eight vulnerabilities and contains one feature can now be installed. ## Description: This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.31+11 (April 2026 CPU). Security issues fixed: * CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of accessible data (bsc#1262490). * CVE-2026-22013: JGSS: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262494). * CVE-2026-22016: JAXP: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262495). * CVE-2026-22018: Libraries: unauthenticated attacker with network access via multiple protocols can cause a partial denial of service (bsc#1262496). * CVE-2026-22021: JSSE: unauthenticated attacker with network access via HTTPS can cause a partial denial of service (bsc#1262497). * CVE-2026-23865: freetype2: integer overflow in the `tt_var_load_item_variation_store` function allows for an out-of-bounds read when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts (bsc#1259118). * CVE-2026-34268: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of data (bsc#1262500). * CVE-2026-34282: Networking: unauthenticated attacker with network access via multiple protocols can cause a hang or frequently repeatable crash (bsc#1262501). Other updates and bugfixes: * Provide the timezone-java and tzdata-java (jsc#PED-15898).
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1731=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1731=1 * Legacy Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2026-1731=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1731=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1731=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1731=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1731=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1731=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1731=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1731=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1731=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1731=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * java-11-openjdk-headless-11.0.31.0-150000.3.138.1 * java-11-openjdk-demo-11.0.31.0-150000.3.138.1 * java-11-openjdk-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-11.0.31.0-150000.3.138.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * 
java-11-openjdk-headless-11.0.31.0-150000.3.138.1 * java-11-openjdk-demo-11.0.31.0-150000.3.138.1 * java-11-openjdk-headless-debuginfo-11.0.31.0-150000.3.138.1 * java-11-openjdk-debugsource-11.0.31.0-150000.3.138.1 * java-11-openjdk-debuginfo-11.0.31.0-150000.3.138.1 * java-11-openjdk-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-debuginfo-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-11.0.31.0-150000.3.138.1 * Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-headless-11.0.31.0-150000.3.138.1 * java-11-openjdk-demo-11.0.31.0-150000.3.138.1 * java-11-openjdk-headless-debuginfo-11.0.31.0-150000.3.138.1 * java-11-openjdk-debugsource-11.0.31.0-150000.3.138.1 * java-11-openjdk-debuginfo-11.0.31.0-150000.3.138.1 * java-11-openjdk-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-debuginfo-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-11.0.31.0-150000.3.138.1 * SUSE Package Hub 15 15-SP7 (noarch) * java-11-openjdk-javadoc-11.0.31.0-150000.3.138.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-11-openjdk-headless-11.0.31.0-150000.3.138.1 * java-11-openjdk-demo-11.0.31.0-150000.3.138.1 * java-11-openjdk-debugsource-11.0.31.0-150000.3.138.1 * java-11-openjdk-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-11.0.31.0-150000.3.138.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-11-openjdk-headless-11.0.31.0-150000.3.138.1 * java-11-openjdk-demo-11.0.31.0-150000.3.138.1 * java-11-openjdk-debugsource-11.0.31.0-150000.3.138.1 * java-11-openjdk-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-11.0.31.0-150000.3.138.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * java-11-openjdk-headless-11.0.31.0-150000.3.138.1 * java-11-openjdk-demo-11.0.31.0-150000.3.138.1 * java-11-openjdk-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-11.0.31.0-150000.3.138.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * 
java-11-openjdk-headless-11.0.31.0-150000.3.138.1 * java-11-openjdk-demo-11.0.31.0-150000.3.138.1 * java-11-openjdk-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-11.0.31.0-150000.3.138.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-headless-11.0.31.0-150000.3.138.1 * java-11-openjdk-demo-11.0.31.0-150000.3.138.1 * java-11-openjdk-debugsource-11.0.31.0-150000.3.138.1 * java-11-openjdk-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-11.0.31.0-150000.3.138.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-headless-11.0.31.0-150000.3.138.1 * java-11-openjdk-demo-11.0.31.0-150000.3.138.1 * java-11-openjdk-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-11.0.31.0-150000.3.138.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * java-11-openjdk-headless-11.0.31.0-150000.3.138.1 * java-11-openjdk-demo-11.0.31.0-150000.3.138.1 * java-11-openjdk-headless-debuginfo-11.0.31.0-150000.3.138.1 * java-11-openjdk-debugsource-11.0.31.0-150000.3.138.1 * java-11-openjdk-debuginfo-11.0.31.0-150000.3.138.1 * java-11-openjdk-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-debuginfo-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-11.0.31.0-150000.3.138.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-11-openjdk-headless-11.0.31.0-150000.3.138.1 * java-11-openjdk-demo-11.0.31.0-150000.3.138.1 * java-11-openjdk-debugsource-11.0.31.0-150000.3.138.1 * java-11-openjdk-11.0.31.0-150000.3.138.1 * java-11-openjdk-devel-11.0.31.0-150000.3.138.1 ## References: * https://www.suse.com/security/cve/CVE-2026-22007.html * https://www.suse.com/security/cve/CVE-2026-22013.html * https://www.suse.com/security/cve/CVE-2026-22016.html * https://www.suse.com/security/cve/CVE-2026-22018.html * https://www.suse.com/security/cve/CVE-2026-22021.html * https://www.suse.com/security/cve/CVE-2026-23865.html * 
https://www.suse.com/security/cve/CVE-2026-34268.html * https://www.suse.com/security/cve/CVE-2026-34282.html * https://bugzilla.suse.com/show_bug.cgi?id=1259118 * https://bugzilla.suse.com/show_bug.cgi?id=1262490 * https://bugzilla.suse.com/show_bug.cgi?id=1262494 * https://bugzilla.suse.com/show_bug.cgi?id=1262495 * https://bugzilla.suse.com/show_bug.cgi?id=1262496 * https://bugzilla.suse.com/show_bug.cgi?id=1262497 * https://bugzilla.suse.com/show_bug.cgi?id=1262500 * https://bugzilla.suse.com/show_bug.cgi?id=1262501 * https://jira.suse.com/browse/PED-15898 From null at suse.de Thu May 7 20:30:07 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 20:30:07 -0000 Subject: SUSE-RU-2026:1759-1: moderate: Recommended update for dracut Message-ID: <177818580720.263.934924857124438031@d7d34dcee2d8> # Recommended update for dracut Announcement ID: SUSE-RU-2026:1759-1 Release Date: 2026-05-07T14:03:53Z Rating: moderate References: * bsc#1261274 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for dracut fixes the following issues: * Update to version 055+suse.399.g9aa7e567: * fix: make iso-scan trigger udev events (bsc#1261274) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-1759=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-1759=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1759=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1759=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1759=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1759=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * dracut-mkinitrd-deprecated-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-debugsource-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-debuginfo-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-tools-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-ima-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-fips-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-extra-055+suse.399.g9aa7e567-150500.3.35.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * dracut-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-debuginfo-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-fips-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-debugsource-055+suse.399.g9aa7e567-150500.3.35.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * dracut-mkinitrd-deprecated-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-debugsource-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-debuginfo-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-ima-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-fips-055+suse.399.g9aa7e567-150500.3.35.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * 
dracut-mkinitrd-deprecated-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-debugsource-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-debuginfo-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-ima-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-fips-055+suse.399.g9aa7e567-150500.3.35.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * dracut-mkinitrd-deprecated-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-debugsource-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-debuginfo-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-ima-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-fips-055+suse.399.g9aa7e567-150500.3.35.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * dracut-mkinitrd-deprecated-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-debugsource-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-debuginfo-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-ima-055+suse.399.g9aa7e567-150500.3.35.1 * dracut-fips-055+suse.399.g9aa7e567-150500.3.35.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1261274
From null at suse.de Thu May 7 20:30:10 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 20:30:10 -0000 Subject: SUSE-RU-2026:1758-1: moderate: Recommended update for dracut Message-ID: <177818581063.263.14147499935974110624@d7d34dcee2d8> # Recommended update for dracut Announcement ID: SUSE-RU-2026:1758-1 Release Date: 2026-05-07T14:03:24Z Rating: moderate References: * bsc#1261274 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that has one fix can now be installed. ## Description: This update for dracut fixes the following issues: * Update to version 055+suse.362.ge7032140: * fix: make iso-scan trigger udev events (bsc#1261274) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1758=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1758=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1758=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1758=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1758=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1758=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1758=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1758=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1758=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * dracut-055+suse.362.ge7032140-150400.3.43.1 * dracut-debugsource-055+suse.362.ge7032140-150400.3.43.1 * dracut-mkinitrd-deprecated-055+suse.362.ge7032140-150400.3.43.1 * dracut-debuginfo-055+suse.362.ge7032140-150400.3.43.1 * dracut-fips-055+suse.362.ge7032140-150400.3.43.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * dracut-055+suse.362.ge7032140-150400.3.43.1 * dracut-debugsource-055+suse.362.ge7032140-150400.3.43.1 * dracut-mkinitrd-deprecated-055+suse.362.ge7032140-150400.3.43.1 * dracut-debuginfo-055+suse.362.ge7032140-150400.3.43.1 * dracut-fips-055+suse.362.ge7032140-150400.3.43.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * dracut-055+suse.362.ge7032140-150400.3.43.1 * dracut-debugsource-055+suse.362.ge7032140-150400.3.43.1 * dracut-mkinitrd-deprecated-055+suse.362.ge7032140-150400.3.43.1 * dracut-debuginfo-055+suse.362.ge7032140-150400.3.43.1 * 
dracut-fips-055+suse.362.ge7032140-150400.3.43.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * dracut-055+suse.362.ge7032140-150400.3.43.1 * dracut-debugsource-055+suse.362.ge7032140-150400.3.43.1 * dracut-mkinitrd-deprecated-055+suse.362.ge7032140-150400.3.43.1 * dracut-debuginfo-055+suse.362.ge7032140-150400.3.43.1 * dracut-fips-055+suse.362.ge7032140-150400.3.43.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * dracut-055+suse.362.ge7032140-150400.3.43.1 * dracut-debugsource-055+suse.362.ge7032140-150400.3.43.1 * dracut-mkinitrd-deprecated-055+suse.362.ge7032140-150400.3.43.1 * dracut-ima-055+suse.362.ge7032140-150400.3.43.1 * dracut-debuginfo-055+suse.362.ge7032140-150400.3.43.1 * dracut-fips-055+suse.362.ge7032140-150400.3.43.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * dracut-055+suse.362.ge7032140-150400.3.43.1 * dracut-debugsource-055+suse.362.ge7032140-150400.3.43.1 * dracut-mkinitrd-deprecated-055+suse.362.ge7032140-150400.3.43.1 * dracut-ima-055+suse.362.ge7032140-150400.3.43.1 * dracut-debuginfo-055+suse.362.ge7032140-150400.3.43.1 * dracut-fips-055+suse.362.ge7032140-150400.3.43.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * dracut-055+suse.362.ge7032140-150400.3.43.1 * dracut-debugsource-055+suse.362.ge7032140-150400.3.43.1 * dracut-mkinitrd-deprecated-055+suse.362.ge7032140-150400.3.43.1 * dracut-ima-055+suse.362.ge7032140-150400.3.43.1 * dracut-debuginfo-055+suse.362.ge7032140-150400.3.43.1 * dracut-fips-055+suse.362.ge7032140-150400.3.43.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * dracut-055+suse.362.ge7032140-150400.3.43.1 * dracut-debugsource-055+suse.362.ge7032140-150400.3.43.1 * dracut-mkinitrd-deprecated-055+suse.362.ge7032140-150400.3.43.1 * dracut-ima-055+suse.362.ge7032140-150400.3.43.1 * dracut-debuginfo-055+suse.362.ge7032140-150400.3.43.1 * 
dracut-fips-055+suse.362.ge7032140-150400.3.43.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * dracut-tools-055+suse.362.ge7032140-150400.3.43.1 * dracut-extra-055+suse.362.ge7032140-150400.3.43.1 * dracut-055+suse.362.ge7032140-150400.3.43.1 * dracut-debugsource-055+suse.362.ge7032140-150400.3.43.1 * dracut-mkinitrd-deprecated-055+suse.362.ge7032140-150400.3.43.1 * dracut-ima-055+suse.362.ge7032140-150400.3.43.1 * dracut-debuginfo-055+suse.362.ge7032140-150400.3.43.1 * dracut-fips-055+suse.362.ge7032140-150400.3.43.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1261274 From null at suse.de Thu May 7 20:30:14 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 20:30:14 -0000 Subject: SUSE-RU-2026:1757-1: important: Recommended update for grub2 Message-ID: <177818581456.263.9003892592641068262@d7d34dcee2d8> # Recommended update for grub2 Announcement ID: SUSE-RU-2026:1757-1 Release Date: 2026-05-07T14:02:39Z Rating: important References: * bsc#1259543 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that has one fix can now be installed.
## Description: This update for grub2 fixes the following issues: * Fix double free in xen booting if root filesystem is Btrfs (bsc#1259543) * btrfs: add ability to boot from subvolumes * btrfs: get default subvolume ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1757=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1757=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1757=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1757=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1757=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1757=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1757=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1757=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1757=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * grub2-debuginfo-2.06-150400.11.72.2 * grub2-branding-upstream-2.06-150400.11.72.2 * grub2-2.06-150400.11.72.2 * openSUSE Leap 15.4 (aarch64 s390x x86_64 i586) * grub2-debugsource-2.06-150400.11.72.2 * openSUSE Leap 15.4 (noarch) * grub2-systemd-sleep-plugin-2.06-150400.11.72.2 * grub2-powerpc-ieee1275-debug-2.06-150400.11.72.2 * grub2-s390x-emu-extras-2.06-150400.11.72.2 * grub2-snapper-plugin-2.06-150400.11.72.2 * grub2-x86_64-efi-debug-2.06-150400.11.72.2 * grub2-x86_64-xen-2.06-150400.11.72.2 * grub2-i386-efi-2.06-150400.11.72.2 * grub2-i386-pc-2.06-150400.11.72.2 * 
grub2-i386-pc-extras-2.06-150400.11.72.2 * grub2-powerpc-ieee1275-2.06-150400.11.72.2 * grub2-x86_64-xen-extras-2.06-150400.11.72.2 * grub2-arm64-efi-2.06-150400.11.72.2 * grub2-arm64-efi-debug-2.06-150400.11.72.2 * grub2-i386-xen-2.06-150400.11.72.2 * grub2-powerpc-ieee1275-extras-2.06-150400.11.72.2 * grub2-x86_64-efi-extras-2.06-150400.11.72.2 * grub2-arm64-efi-extras-2.06-150400.11.72.2 * grub2-i386-xen-extras-2.06-150400.11.72.2 * grub2-x86_64-efi-2.06-150400.11.72.2 * grub2-i386-efi-extras-2.06-150400.11.72.2 * grub2-i386-efi-debug-2.06-150400.11.72.2 * grub2-i386-pc-debug-2.06-150400.11.72.2 * openSUSE Leap 15.4 (s390x) * grub2-s390x-emu-debug-2.06-150400.11.72.2 * grub2-s390x-emu-2.06-150400.11.72.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.72.2 * grub2-debuginfo-2.06-150400.11.72.2 * grub2-2.06-150400.11.72.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * grub2-x86_64-xen-2.06-150400.11.72.2 * grub2-i386-pc-2.06-150400.11.72.2 * grub2-x86_64-efi-2.06-150400.11.72.2 * grub2-snapper-plugin-2.06-150400.11.72.2 * grub2-arm64-efi-2.06-150400.11.72.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (s390x) * grub2-s390x-emu-2.06-150400.11.72.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.72.2 * grub2-debuginfo-2.06-150400.11.72.2 * grub2-2.06-150400.11.72.2 * SUSE Linux Enterprise Micro 5.3 (noarch) * grub2-x86_64-xen-2.06-150400.11.72.2 * grub2-i386-pc-2.06-150400.11.72.2 * grub2-x86_64-efi-2.06-150400.11.72.2 * grub2-snapper-plugin-2.06-150400.11.72.2 * grub2-arm64-efi-2.06-150400.11.72.2 * SUSE Linux Enterprise Micro 5.3 (s390x) * grub2-s390x-emu-2.06-150400.11.72.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.72.2 * grub2-debuginfo-2.06-150400.11.72.2 * grub2-2.06-150400.11.72.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * grub2-x86_64-xen-2.06-150400.11.72.2 * 
grub2-i386-pc-2.06-150400.11.72.2 * grub2-x86_64-efi-2.06-150400.11.72.2 * grub2-snapper-plugin-2.06-150400.11.72.2 * grub2-arm64-efi-2.06-150400.11.72.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (s390x) * grub2-s390x-emu-2.06-150400.11.72.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.72.2 * grub2-debuginfo-2.06-150400.11.72.2 * grub2-2.06-150400.11.72.2 * SUSE Linux Enterprise Micro 5.4 (noarch) * grub2-x86_64-xen-2.06-150400.11.72.2 * grub2-i386-pc-2.06-150400.11.72.2 * grub2-x86_64-efi-2.06-150400.11.72.2 * grub2-snapper-plugin-2.06-150400.11.72.2 * grub2-arm64-efi-2.06-150400.11.72.2 * SUSE Linux Enterprise Micro 5.4 (s390x) * grub2-s390x-emu-2.06-150400.11.72.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * grub2-debugsource-2.06-150400.11.72.2 * grub2-debuginfo-2.06-150400.11.72.2 * grub2-2.06-150400.11.72.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * grub2-x86_64-xen-2.06-150400.11.72.2 * grub2-systemd-sleep-plugin-2.06-150400.11.72.2 * grub2-i386-pc-2.06-150400.11.72.2 * grub2-x86_64-efi-2.06-150400.11.72.2 * grub2-snapper-plugin-2.06-150400.11.72.2 * grub2-arm64-efi-2.06-150400.11.72.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * grub2-debugsource-2.06-150400.11.72.2 * grub2-debuginfo-2.06-150400.11.72.2 * grub2-2.06-150400.11.72.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * grub2-x86_64-xen-2.06-150400.11.72.2 * grub2-systemd-sleep-plugin-2.06-150400.11.72.2 * grub2-i386-pc-2.06-150400.11.72.2 * grub2-x86_64-efi-2.06-150400.11.72.2 * grub2-snapper-plugin-2.06-150400.11.72.2 * grub2-arm64-efi-2.06-150400.11.72.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * grub2-debuginfo-2.06-150400.11.72.2 * grub2-2.06-150400.11.72.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * grub2-x86_64-xen-2.06-150400.11.72.2 * 
grub2-systemd-sleep-plugin-2.06-150400.11.72.2 * grub2-i386-pc-2.06-150400.11.72.2 * grub2-x86_64-efi-2.06-150400.11.72.2 * grub2-powerpc-ieee1275-2.06-150400.11.72.2 * grub2-arm64-efi-2.06-150400.11.72.2 * grub2-snapper-plugin-2.06-150400.11.72.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 s390x x86_64) * grub2-debugsource-2.06-150400.11.72.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x) * grub2-s390x-emu-2.06-150400.11.72.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * grub2-debuginfo-2.06-150400.11.72.2 * grub2-2.06-150400.11.72.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * grub2-x86_64-xen-2.06-150400.11.72.2 * grub2-systemd-sleep-plugin-2.06-150400.11.72.2 * grub2-i386-pc-2.06-150400.11.72.2 * grub2-x86_64-efi-2.06-150400.11.72.2 * grub2-powerpc-ieee1275-2.06-150400.11.72.2 * grub2-snapper-plugin-2.06-150400.11.72.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * grub2-debugsource-2.06-150400.11.72.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1259543 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu May 7 20:30:18 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 20:30:18 -0000 Subject: SUSE-RU-2026:1756-1: moderate: Recommended update for translate-suse-desktop Message-ID: <177818581848.263.1137102782129920779@d7d34dcee2d8> # Recommended update for translate-suse-desktop Announcement ID: SUSE-RU-2026:1756-1 Release Date: 2026-05-07T14:01:50Z Rating: moderate References: * bsc#1158957 Affected Products: * openSUSE Leap 15.6 An update that has one fix can now be installed. ## Description: This update for translate-suse-desktop fixes the following issues: * Releases into codestream only. (PED-18823) * New package that supports translation of SUSE specific desktop files. 
(bsc#1158957)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2026-1756=1

## Package List:

* openSUSE Leap 15.6 (noarch)
  * translate-suse-desktop-0.20251113.f49c23d-150600.13.3.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1158957

From null at suse.de Thu May 7 20:30:21 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 20:30:21 -0000
Subject: SUSE-SU-2026:1755-1: important: Security update for freeipmi
Message-ID: <177818582122.263.12646348859415050249@d7d34dcee2d8>

# Security update for freeipmi

Announcement ID: SUSE-SU-2026:1755-1
Release Date: 2026-05-07T13:55:17Z
Rating: important
References:
* bsc#1260414

Cross-References:
* CVE-2026-33554

CVSS scores:
* CVE-2026-33554 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-33554 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2026-33554 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
* Basesystem Module 15-SP7
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux
Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for freeipmi fixes the following issue: * CVE-2026-33554: improper memory handling and data validation can lead to stack buffer overflows and acceptance of malformed payloads/responses (bsc#1260414). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1755=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1755=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1755=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1755=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1755=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1755=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1755=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1755=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1755=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1755=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1755=1 * SUSE Linux 
Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1755=1 ## Package List: * openSUSE Leap 15.4 (aarch64 x86_64 i586) * freeipmi-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-1.6.8-150400.3.3.1 * freeipmi-devel-1.6.8-150400.3.3.1 * freeipmi-debuginfo-1.6.8-150400.3.3.1 * libipmidetect0-1.6.8-150400.3.3.1 * libipmiconsole2-debuginfo-1.6.8-150400.3.3.1 * freeipmi-debugsource-1.6.8-150400.3.3.1 * libipmidetect0-debuginfo-1.6.8-150400.3.3.1 * libfreeipmi17-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1 * libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1 * freeipmi-bmc-watchdog-1.6.8-150400.3.3.1 * libipmiconsole2-1.6.8-150400.3.3.1 * freeipmi-ipmidetectd-debuginfo-1.6.8-150400.3.3.1 * freeipmi-bmc-watchdog-debuginfo-1.6.8-150400.3.3.1 * freeipmi-ipmidetectd-1.6.8-150400.3.3.1 * libipmimonitoring6-1.6.8-150400.3.3.1 * libfreeipmi17-debuginfo-1.6.8-150400.3.3.1 * Basesystem Module 15-SP7 (aarch64 x86_64) * freeipmi-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-1.6.8-150400.3.3.1 * freeipmi-devel-1.6.8-150400.3.3.1 * freeipmi-debuginfo-1.6.8-150400.3.3.1 * libipmidetect0-1.6.8-150400.3.3.1 * libipmiconsole2-debuginfo-1.6.8-150400.3.3.1 * freeipmi-debugsource-1.6.8-150400.3.3.1 * libipmidetect0-debuginfo-1.6.8-150400.3.3.1 * libfreeipmi17-1.6.8-150400.3.3.1 * libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1 * libipmiconsole2-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1 * libipmimonitoring6-1.6.8-150400.3.3.1 * libfreeipmi17-debuginfo-1.6.8-150400.3.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * freeipmi-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-1.6.8-150400.3.3.1 * freeipmi-devel-1.6.8-150400.3.3.1 * freeipmi-debuginfo-1.6.8-150400.3.3.1 * libipmidetect0-1.6.8-150400.3.3.1 * libipmiconsole2-debuginfo-1.6.8-150400.3.3.1 * freeipmi-debugsource-1.6.8-150400.3.3.1 * libipmidetect0-debuginfo-1.6.8-150400.3.3.1 * libfreeipmi17-1.6.8-150400.3.3.1 * 
libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1 * libipmiconsole2-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1 * libipmimonitoring6-1.6.8-150400.3.3.1 * libfreeipmi17-debuginfo-1.6.8-150400.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * freeipmi-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-1.6.8-150400.3.3.1 * freeipmi-devel-1.6.8-150400.3.3.1 * freeipmi-debuginfo-1.6.8-150400.3.3.1 * libipmidetect0-1.6.8-150400.3.3.1 * libipmiconsole2-debuginfo-1.6.8-150400.3.3.1 * freeipmi-debugsource-1.6.8-150400.3.3.1 * libipmidetect0-debuginfo-1.6.8-150400.3.3.1 * libfreeipmi17-1.6.8-150400.3.3.1 * libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1 * libipmiconsole2-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1 * libipmimonitoring6-1.6.8-150400.3.3.1 * libfreeipmi17-debuginfo-1.6.8-150400.3.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * freeipmi-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-1.6.8-150400.3.3.1 * freeipmi-devel-1.6.8-150400.3.3.1 * freeipmi-debuginfo-1.6.8-150400.3.3.1 * libipmidetect0-1.6.8-150400.3.3.1 * libipmiconsole2-debuginfo-1.6.8-150400.3.3.1 * freeipmi-debugsource-1.6.8-150400.3.3.1 * libipmidetect0-debuginfo-1.6.8-150400.3.3.1 * libfreeipmi17-1.6.8-150400.3.3.1 * libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1 * libipmiconsole2-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1 * libipmimonitoring6-1.6.8-150400.3.3.1 * libfreeipmi17-debuginfo-1.6.8-150400.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * freeipmi-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-1.6.8-150400.3.3.1 * freeipmi-devel-1.6.8-150400.3.3.1 * freeipmi-debuginfo-1.6.8-150400.3.3.1 * libipmidetect0-1.6.8-150400.3.3.1 * libipmiconsole2-debuginfo-1.6.8-150400.3.3.1 * freeipmi-debugsource-1.6.8-150400.3.3.1 * libipmidetect0-debuginfo-1.6.8-150400.3.3.1 * libfreeipmi17-1.6.8-150400.3.3.1 * 
libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1 * libipmiconsole2-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1 * libipmimonitoring6-1.6.8-150400.3.3.1 * libfreeipmi17-debuginfo-1.6.8-150400.3.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 x86_64) * freeipmi-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-1.6.8-150400.3.3.1 * freeipmi-devel-1.6.8-150400.3.3.1 * freeipmi-debuginfo-1.6.8-150400.3.3.1 * libipmidetect0-1.6.8-150400.3.3.1 * libipmiconsole2-debuginfo-1.6.8-150400.3.3.1 * freeipmi-debugsource-1.6.8-150400.3.3.1 * libipmidetect0-debuginfo-1.6.8-150400.3.3.1 * libfreeipmi17-1.6.8-150400.3.3.1 * libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1 * libipmiconsole2-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1 * libipmimonitoring6-1.6.8-150400.3.3.1 * libfreeipmi17-debuginfo-1.6.8-150400.3.3.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 x86_64) * freeipmi-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-1.6.8-150400.3.3.1 * freeipmi-devel-1.6.8-150400.3.3.1 * freeipmi-debuginfo-1.6.8-150400.3.3.1 * libipmidetect0-1.6.8-150400.3.3.1 * libipmiconsole2-debuginfo-1.6.8-150400.3.3.1 * freeipmi-debugsource-1.6.8-150400.3.3.1 * libipmidetect0-debuginfo-1.6.8-150400.3.3.1 * libfreeipmi17-1.6.8-150400.3.3.1 * libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1 * libipmiconsole2-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1 * libipmimonitoring6-1.6.8-150400.3.3.1 * libfreeipmi17-debuginfo-1.6.8-150400.3.3.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 x86_64) * freeipmi-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-1.6.8-150400.3.3.1 * freeipmi-devel-1.6.8-150400.3.3.1 * freeipmi-debuginfo-1.6.8-150400.3.3.1 * libipmidetect0-1.6.8-150400.3.3.1 * libipmiconsole2-debuginfo-1.6.8-150400.3.3.1 * freeipmi-debugsource-1.6.8-150400.3.3.1 * libipmidetect0-debuginfo-1.6.8-150400.3.3.1 * libfreeipmi17-1.6.8-150400.3.3.1 * libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1 * libipmiconsole2-1.6.8-150400.3.3.1 * 
freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1 * libipmimonitoring6-1.6.8-150400.3.3.1 * libfreeipmi17-debuginfo-1.6.8-150400.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * freeipmi-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-1.6.8-150400.3.3.1 * freeipmi-devel-1.6.8-150400.3.3.1 * freeipmi-debuginfo-1.6.8-150400.3.3.1 * libipmidetect0-1.6.8-150400.3.3.1 * libipmiconsole2-debuginfo-1.6.8-150400.3.3.1 * freeipmi-debugsource-1.6.8-150400.3.3.1 * libipmidetect0-debuginfo-1.6.8-150400.3.3.1 * libfreeipmi17-1.6.8-150400.3.3.1 * libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1 * libipmiconsole2-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1 * libipmimonitoring6-1.6.8-150400.3.3.1 * libfreeipmi17-debuginfo-1.6.8-150400.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * freeipmi-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-1.6.8-150400.3.3.1 * freeipmi-devel-1.6.8-150400.3.3.1 * freeipmi-debuginfo-1.6.8-150400.3.3.1 * libipmidetect0-1.6.8-150400.3.3.1 * libipmiconsole2-debuginfo-1.6.8-150400.3.3.1 * freeipmi-debugsource-1.6.8-150400.3.3.1 * libipmidetect0-debuginfo-1.6.8-150400.3.3.1 * libfreeipmi17-1.6.8-150400.3.3.1 * libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1 * libipmiconsole2-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1 * libipmimonitoring6-1.6.8-150400.3.3.1 * libfreeipmi17-debuginfo-1.6.8-150400.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * freeipmi-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-1.6.8-150400.3.3.1 * freeipmi-devel-1.6.8-150400.3.3.1 * freeipmi-debuginfo-1.6.8-150400.3.3.1 * libipmidetect0-1.6.8-150400.3.3.1 * libipmiconsole2-debuginfo-1.6.8-150400.3.3.1 * freeipmi-debugsource-1.6.8-150400.3.3.1 * libipmidetect0-debuginfo-1.6.8-150400.3.3.1 * libfreeipmi17-1.6.8-150400.3.3.1 * libipmimonitoring6-debuginfo-1.6.8-150400.3.3.1 * libipmiconsole2-1.6.8-150400.3.3.1 * freeipmi-ipmiseld-debuginfo-1.6.8-150400.3.3.1 * 
libipmimonitoring6-1.6.8-150400.3.3.1
  * libfreeipmi17-debuginfo-1.6.8-150400.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2026-33554.html
* https://bugzilla.suse.com/show_bug.cgi?id=1260414

From null at suse.de Thu May 7 20:30:24 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 20:30:24 -0000
Subject: SUSE-SU-2026:1754-1: important: Security update for freeipmi
Message-ID: <177818582432.263.8296173103818366225@d7d34dcee2d8>

# Security update for freeipmi

Announcement ID: SUSE-SU-2026:1754-1
Release Date: 2026-05-07T13:54:30Z
Rating: important
References:
* bsc#1260414

Cross-References:
* CVE-2026-33554

CVSS scores:
* CVE-2026-33554 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-33554 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
* CVE-2026-33554 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for freeipmi fixes the following issue:

* CVE-2026-33554: improper memory handling and data validation can lead to stack buffer overflows and acceptance of malformed payloads/responses (bsc#1260414).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-1754=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1754=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 x86_64)
  * freeipmi-debuginfo-1.5.7-3.6.1
  * freeipmi-1.5.7-3.6.1
  * libipmimonitoring6-debuginfo-1.5.7-3.6.1
  * libipmimonitoring6-1.5.7-3.6.1
  * libipmiconsole2-1.5.7-3.6.1
  * libipmidetect0-debuginfo-1.5.7-3.6.1
  * libfreeipmi17-1.5.7-3.6.1
  * freeipmi-debugsource-1.5.7-3.6.1
  * libfreeipmi17-debuginfo-1.5.7-3.6.1
  * libipmiconsole2-debuginfo-1.5.7-3.6.1
  * freeipmi-devel-1.5.7-3.6.1
  * libipmidetect0-1.5.7-3.6.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * freeipmi-debuginfo-1.5.7-3.6.1
  * freeipmi-1.5.7-3.6.1
  * libipmimonitoring6-debuginfo-1.5.7-3.6.1
  * libipmimonitoring6-1.5.7-3.6.1
  * libipmiconsole2-1.5.7-3.6.1
  * libipmidetect0-debuginfo-1.5.7-3.6.1
  * libfreeipmi17-1.5.7-3.6.1
  * freeipmi-debugsource-1.5.7-3.6.1
  * libfreeipmi17-debuginfo-1.5.7-3.6.1
  * libipmiconsole2-debuginfo-1.5.7-3.6.1
  * freeipmi-devel-1.5.7-3.6.1
  * libipmidetect0-1.5.7-3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2026-33554.html
* https://bugzilla.suse.com/show_bug.cgi?id=1260414

From null at suse.de Thu May 7 20:30:27 2026
From: null at suse.de (SLE-UPDATES)
Date: Thu, 07 May 2026 20:30:27 -0000
Subject: SUSE-SU-2026:1753-1: important: Security update for 389-ds
Message-ID: <177818582774.263.4053957064825165564@d7d34dcee2d8>

# Security update for 389-ds

Announcement ID: SUSE-SU-2026:1753-1
Release Date: 2026-05-07T13:54:19Z
Rating: important
References:
* bsc#1258727

Cross-References:
* CVE-2025-14905

CVSS scores:
* CVE-2025-14905 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14905 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-14905 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products:
* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves one vulnerability can now be installed.

## Description:

This update for 389-ds fixes the following issues:

Update to version 2.0.20~git89.937b1f291.

Security issues fixed:

* CVE-2025-14905: heap buffer overflow due to improper size calculation in `schema_attr_enum_callback` callback (bsc#1258727).

Other updates and bugfixes:

* Issue 7224 - CI Test - Simplify `test_reserve_descriptor_validation` (#7225).
* Issue 7189 - DSBLE0007 generates incorrect remediation commands for scan limits.
* Issue 7172 - (2nd) Index ordering mismatch after upgrade (#7180).
* Issue 7172 - Index ordering mismatch after upgrade (#7173).
* Issue 7096 - During replication online total init the function idl_id_is_in_idlist is not scaling with large database (#7145).
* Issue 7091 - Duplicate local password policy entries listed (#7092).
* Issue 7124 - BDB cursor race condition with transaction isolation (#7125).
* Issue 7121 - LeakSanitizer: various leaks during replication (#7122).
* Issue 7115 - LeakSanitizer: leak in `slapd_bind_local_user()` (#7116).
* Issue 7109 - AddressSanitizer: SEGV `ldap/servers/slapd/csnset.c:302` in `csnset_dup` (#7114).
* Issue 7056 - DSBLE0007 doesn't generate remediation steps for missing indexes.
* Issue 6846 - Attribute uniqueness is not enforced with modrdn (#7026).
* Issue 7055 - Online initialization of consumers fails with error `-23` (#7075).
* Issue 7065 - A search filter containing a non normalized DN assertion does not return matching entries (#7068).
* Issue 7032 - The new ipahealthcheck test ipahealthcheck.ds.backends.BackendsCheck raises CRITICAL issue (#7036).
* Issue 6966 - On large DB, unlimited IDL scan limit reduce the SRCH performance (#6967).
* Issue 6848 - AddressSanitizer: leak in `do_search`.
* Issue 6928 - The `parentId` attribute is indexed with improper matching rule.
* Issue 6933 - When deferred `memberof` update is enabled after the server crashed it should not launch memberof fixup task by default (#6935).
* Issue 6929 - Compilation failure with `rust-1.89` on Fedora ELN.
* Issue 6859 - `str2filter` is not fully applying matching rules.
* Issue 6857 - `uiduniq`: allow specifying match rules in the filter.
* Issue 6893 - Log user that is updated during password modify extended operation.
* Issue 6680 - instance read-only mode is broken (#6681).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1753=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1753=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1753=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1753=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1753=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * 389-ds-devel-2.0.20~git89.937b1f291-150400.3.48.1 * libsvrcore0-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-snmp-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-debugsource-2.0.20~git89.937b1f291-150400.3.48.1 * lib389-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1 * libsvrcore0-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-snmp-2.0.20~git89.937b1f291-150400.3.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * 389-ds-devel-2.0.20~git89.937b1f291-150400.3.48.1 * libsvrcore0-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-debugsource-2.0.20~git89.937b1f291-150400.3.48.1 * lib389-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1 * libsvrcore0-2.0.20~git89.937b1f291-150400.3.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * 389-ds-devel-2.0.20~git89.937b1f291-150400.3.48.1 * libsvrcore0-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-debugsource-2.0.20~git89.937b1f291-150400.3.48.1 * lib389-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-2.0.20~git89.937b1f291-150400.3.48.1 * 
389-ds-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1 * libsvrcore0-2.0.20~git89.937b1f291-150400.3.48.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * 389-ds-devel-2.0.20~git89.937b1f291-150400.3.48.1 * libsvrcore0-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-debugsource-2.0.20~git89.937b1f291-150400.3.48.1 * lib389-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1 * libsvrcore0-2.0.20~git89.937b1f291-150400.3.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * 389-ds-devel-2.0.20~git89.937b1f291-150400.3.48.1 * libsvrcore0-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-debugsource-2.0.20~git89.937b1f291-150400.3.48.1 * lib389-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-2.0.20~git89.937b1f291-150400.3.48.1 * 389-ds-debuginfo-2.0.20~git89.937b1f291-150400.3.48.1 * libsvrcore0-2.0.20~git89.937b1f291-150400.3.48.1 ## References: * https://www.suse.com/security/cve/CVE-2025-14905.html * https://bugzilla.suse.com/show_bug.cgi?id=1258727 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu May 7 20:30:31 2026 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 May 2026 20:30:31 -0000 Subject: SUSE-RU-2026:1752-1: moderate: Recommended update for distribution Message-ID: <177818583191.263.4125669487817298010@d7d34dcee2d8> # Recommended update for distribution Announcement ID: SUSE-RU-2026:1752-1 Release Date: 2026-05-07T12:52:27Z Rating: moderate References: * bsc#1259718 Affected Products: * Containers Module 15-SP7 * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that has one fix can now be installed. ## Description: This update for distribution fixes the following issues: * rebuild with go 1.26 (bsc#1259718) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
    zypper in -t patch SUSE-2026-1752=1
* Containers Module 15-SP7
    zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-1752=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1752=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1752=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1752=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1752=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1752=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1752=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1752=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1752=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1752=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1752=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * distribution-registry-2.8.3-150400.9.30.1
* Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * distribution-registry-2.8.3-150400.9.30.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * distribution-registry-2.8.3-150400.9.30.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * distribution-registry-2.8.3-150400.9.30.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * distribution-registry-2.8.3-150400.9.30.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * distribution-registry-2.8.3-150400.9.30.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * distribution-registry-2.8.3-150400.9.30.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * distribution-registry-2.8.3-150400.9.30.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * distribution-registry-2.8.3-150400.9.30.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * distribution-registry-2.8.3-150400.9.30.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * distribution-registry-2.8.3-150400.9.30.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * distribution-registry-2.8.3-150400.9.30.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1259718

From null at suse.de Fri May 8 12:30:14 2026
From: null at suse.de (SLE-UPDATES)
Date: Fri, 08 May 2026 12:30:14 -0000
Subject: SUSE-RU-2026:1760-1: important: Recommended update for suse-migration-services
Message-ID: <177824341413.838.5079066601043027920@a63bbe94e1a3>

# Recommended update for suse-migration-services

Announcement ID: SUSE-RU-2026:1760-1
Release Date: 2026-05-08T07:57:10Z
Rating: important
References:

* bsc#1258174
* bsc#1258710

Affected Products:

* Basesystem Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that has two fixes can now be installed.

## Description:

This update for suse-migration-services fixes the following issues:

* Add explicit SLES15 migration target check

  Instead of falling back to the default with a misleading warning message, make sure to check for this target explicitly beforehand

* Fix Zypper class command output handling

  The way zypper is called always redirects all output, stdout and stderr into the main log file. Because of that the variables self.output and self.error are always empty. This commit fixes the command call in a way that stdout and stderr are multiplexed such that the caller data can be captured by the python call and the data gets appended to the log file too. This commit also drops the unused and due to the redirection always empty self.error variable. For multiplexing the tee command gets used which impacts the returncode of the actual call. In order to get the correct exit code we use set -o pipefail.

* Fix validation of zypper migration result

  Up to now the assumption was that any situation in which zypper migration cannot migrate the system returns with an error, meaning exit code != 0. However, this assumption is wrong. There are conditions in which zypper migration only indicates a problem with a message saying 'No migration available' and the call returns with a successful error code = 0. This causes big trouble for the DMS in a way that it continues running its services which all assume the migration to the next major release was performed. It misleads readers of the log file into the wrong direction and, worst of all, it causes modifications to the host system when it was not migrated. This commit makes sure that the migration stops and treats the above message as an error condition.

* Add time info to backup directory

  So far only the date information was part of the backup directory. However, if multiple migration attempts happen on the same day, this would overwrite the data.

* Fix migrate tool for container based migration

  The tool overwrites an eventually existing /etc/sle-migration-service.yml config file. This commit fixes it by using yq and in-place updates

* Fix md device detection

  Fix detection of device mapper layered rootfs. Software raid disks are not found by findmnt if the actual rootfs is one or more layers down. This commit fixes the detection if we need to pass along the rd.auto cmdline option to let the boot process activate them.

* Fix btrfs snapshot services

  Do not perform snapshot operations if the root filesystem is not btrfs based.

* Fix lsm precheck

  Yet another test that doesn't restrict the scope of its runtime environment.

* Fixed scope check for cpu_arch and check_ha

  The prechecks for cpu_arch and ha did not receive the value for the migration_system mode. As such these checks could not differentiate between being called on the host to upgrade or as part of the live migration system. This led to unwanted check calls and invalid fail information as part of the migration log file

* Fixed dataProvider setup in regionserverclnt.cfg

  In case of Azure the dataProvider information gets a device parameter added. This parameter must be added only once or not at all if it is already present.

* Fixup import of certificates

  Only import if the file exists and is not a directory. We still assume that the file content of the pki trust directories matches certificates and not random non certificate files.

* Fix consistency of regionserverclnt.cfg

  The DMS copies the contents of system-root/etc/regionserverclnt.cfg into the live migration system /etc/regionserverclnt.cfg. However, after the copy the update_regionsrv_setup() function modifies the contents of system-root/etc/regionserverclnt.cfg if the dataProvider is azuremetadata. This leads to different content of the file in system-root and the file in /. Whether or not this is causing a problem for the migration is unclear, but in any case having the file twice with different content during the DMS runtime is a bug. (bsc#1258710)

* Fix setup of migration target for pre-check

  The check sending a request to the SCC offline migrations API requires a proper migration target name. This name is constructed from the installed migration live image package name which follows a strict naming policy. For SAP targets the code missed the detection path. This commit fixes it. (bsc#1258174)

* Make sure to fall back to scc.suse.com

  Systems that are not providing /etc/SUSEConnect should fall back to the default registration server which is https://scc.suse.com

* Switch reboot default

  In light of recent issues reported with soft reboot we are changing the reboot method to a full reboot. This is intended to reduce the number of requests we receive to investigate boot issues.

* Move default container to official devel project

* Fixed disk device name passed to azuremetadata

  When setting the disk device name in the regionserverclnt.cfg for azure we used the unix device node, e.g. /dev/sda. This is not a persistent device name and may change. This commit uses the by-id representation for the disk device from udev which is not expected to change.

* Fix SLES SAP migration 12 - 15 in public clouds

  Work around an issue in the SLE15 SP4 based live migration system used for SAP migrations only. The zypper version on SLE15 SP4 is too old and does not support --gpg-auto-import-keys. This workaround patches the DMS code to not use this option. As soon as the SAP migration live image can switch to a newer SP, this workaround can hopefully be removed again.

* Fix python compatibility on latest zypper change

  Unfortunately the code has to comply with the oldest distribution migration that we support. This includes compatibility with the python 3.6 interpreter (SLE15). The latest change on the Zypper class introduced a TypeError and broke the migration. This commit fixes it. It should be safe to move the DMS code base to python 3.11 as the oldest migration live image is based on SLE15-SP4 which is the first target that has a python 3.11 stack. However, I hesitate to add this change now as we already have enough other problems with regards to the migration. As such it shouldn't be a problem to stay python 3.6 compatible for the moment.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP7
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1760=1

## Package List:

* Basesystem Module 15-SP7 (noarch)
  * python3-migration-2.1.34-150700.15.24.1
  * suse-migration-scripts-2.1.34-150700.15.24.1
  * suse-migration-pre-checks-2.1.34-150700.15.24.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1258174
* https://bugzilla.suse.com/show_bug.cgi?id=1258710
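The output-handling and result-validation fixes described in the suse-migration-services changelog above, as an added example that is not the project's code. The fake command strings (constructed shell snippets standing in for zypper), the function names and the log file are assumptions; it needs bash and tee on the PATH.

```python
import os
import shlex
import subprocess
import tempfile

# Constructed stand-ins for the real tool: each mimics one outcome from the changelog.
FAKE_FAILING = "echo 'resolving...'; echo 'fatal: repo unreachable' >&2; exit 4"
FAKE_NO_MIGRATION = "echo 'No migration available'; exit 0"
FAKE_SUCCESS = "echo 'Upgrading product'; exit 0"

# Message the changelog says must be treated as an error despite exit code 0.
NO_MIGRATION_MARKER = "No migration available"


def run_redirect_only(command, log_file):
    """Old behaviour: stdout and stderr go only to the log, so the caller captures nothing."""
    script = "{ " + command + "; } >> " + shlex.quote(log_file) + " 2>&1"
    proc = subprocess.run(
        ["bash", "-c", script],
        stdout=subprocess.PIPE,
        universal_newlines=True,  # python 3.6 compatible spelling of text=True
    )
    return proc.returncode, proc.stdout


def run_tee(command, log_file, pipefail):
    """Multiplex output through tee: appended to the log and captured by the caller.

    Without pipefail the pipeline status is tee's (0), which hides a failure of
    the command on the left-hand side of the pipe.
    """
    script = "{ " + command + "; } 2>&1 | tee -a " + shlex.quote(log_file)
    if pipefail:
        script = "set -o pipefail; " + script
    proc = subprocess.run(
        ["bash", "-c", script],
        stdout=subprocess.PIPE,
        universal_newlines=True,
    )
    return proc.returncode, proc.stdout


def migration_succeeded(returncode, output):
    """Exit code 0 alone is not enough: the marker message also means failure."""
    return returncode == 0 and NO_MIGRATION_MARKER not in output


def demo():
    """Run every variant against the fake commands and collect (returncode, output)."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        log_file = os.path.join(tmp, "migration.log")
        results["redirect_only"] = run_redirect_only(FAKE_NO_MIGRATION, log_file)
        results["tee_no_pipefail"] = run_tee(FAKE_FAILING, log_file, pipefail=False)
        results["tee_pipefail"] = run_tee(FAKE_FAILING, log_file, pipefail=True)
        results["no_migration"] = run_tee(FAKE_NO_MIGRATION, log_file, pipefail=True)
        results["success"] = run_tee(FAKE_SUCCESS, log_file, pipefail=True)
        with open(log_file) as handle:
            results["log"] = handle.read()
    return results


if __name__ == "__main__":
    outcome = demo()
    for name in ("redirect_only", "tee_no_pipefail", "tee_pipefail",
                 "no_migration", "success"):
        code, output = outcome[name]
        print("{0:16} rc={1} ok={2} captured={3!r}".format(
            name, code, migration_succeeded(code, output), output))
```

With redirect-only capture the "No migration available" case looks like a success to the caller, because the message never reaches it; the marker check only works once the output is captured.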
From null at suse.de Fri May 8 16:30:15 2026
From: null at suse.de (SLE-UPDATES)
Date: Fri, 08 May 2026 16:30:15 -0000
Subject: SUSE-SU-2026:1771-1: important: Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP6)
Message-ID: <177825781531.899.5066228556632531126@2df5abbbd056>

# Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP6)

Announcement ID: SUSE-SU-2026:1771-1
Release Date: 2026-05-08T11:05:28Z
Rating: important
References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.53 fixes various security issues.

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
    zypper in -t patch SUSE-2026-1771=1 SUSE-2026-1772=1
* SUSE Linux Enterprise Live Patching 15-SP6
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1771=1 SUSE-SLE-Module-Live-Patching-15-SP6-2026-1772=1

## Package List:

* openSUSE Leap 15.6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_47-default-debuginfo-17-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_47-default-17-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_53-default-16-150600.2.1
  * kernel-livepatch-SLE15-SP6_Update_10-debugsource-17-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_53-default-debuginfo-16-150600.2.1
  * kernel-livepatch-SLE15-SP6_Update_12-debugsource-16-150600.2.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_47-default-debuginfo-17-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_47-default-17-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_53-default-16-150600.2.1
  * kernel-livepatch-SLE15-SP6_Update_10-debugsource-17-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_53-default-debuginfo-16-150600.2.1
  * kernel-livepatch-SLE15-SP6_Update_12-debugsource-16-150600.2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Fri May 8 16:30:27 2026
From: null at suse.de (SLE-UPDATES)
Date: Fri, 08 May 2026 16:30:27 -0000
Subject: SUSE-SU-2026:1770-1: important: Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)
Message-ID: <177825782724.899.5122769564178934249@2df5abbbd056>

# Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)

Announcement ID: SUSE-SU-2026:1770-1
Release Date: 2026-05-08T11:05:12Z
Rating: important
References:

* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.133 fixes various security issues.

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
    zypper in -t patch SUSE-2026-1770=1
* SUSE Linux Enterprise Live Patching 15-SP5
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-1770=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_133-default-debuginfo-6-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_34-debugsource-6-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_133-default-6-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_133-default-debuginfo-6-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_34-debugsource-6-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_133-default-6-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Fri May 8 16:30:36 2026
From: null at suse.de (SLE-UPDATES)
Date: Fri, 08 May 2026 16:30:36 -0000
Subject: SUSE-SU-2026:1768-1: important: Security update for the Linux Kernel (Live Patch 41 for SUSE Linux Enterprise 15 SP4)
Message-ID: <177825783634.899.1860911297437381259@2df5abbbd056>

# Security update for the Linux Kernel (Live Patch 41 for SUSE Linux Enterprise 15 SP4)

Announcement ID: SUSE-SU-2026:1768-1
Release Date: 2026-05-08T11:05:01Z
Rating: important
References:

* bsc#1252048
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.167 fixes various security issues.

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
    zypper in -t patch SUSE-2026-1768=1 SUSE-2026-1769=1
* SUSE Linux Enterprise Live Patching 15-SP4
    zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1768=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-1769=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150400_24_161-default-18-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_167-default-17-150400.2.1
  * kernel-livepatch-SLE15-SP4_Update_39-debugsource-18-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_161-default-debuginfo-18-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_167-default-debuginfo-17-150400.2.1
  * kernel-livepatch-SLE15-SP4_Update_41-debugsource-17-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150400_24_161-default-18-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_167-default-17-150400.2.1
  * kernel-livepatch-SLE15-SP4_Update_39-debugsource-18-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_161-default-debuginfo-18-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_167-default-debuginfo-17-150400.2.1
  * kernel-livepatch-SLE15-SP4_Update_41-debugsource-17-150400.2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Fri May 8 16:30:43 2026
From: null at suse.de (SLE-UPDATES)
Date: Fri, 08 May 2026 16:30:43 -0000
Subject: SUSE-SU-2026:1767-1: important: Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5)
Message-ID: <177825784304.899.6458317601589185420@2df5abbbd056>

# Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5)

Announcement ID: SUSE-SU-2026:1767-1
Release Date: 2026-05-08T11:04:29Z
Rating: important
References:

* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 4.12.14-122.269 fixes various security issues.

The following security issues were fixed:

* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-1767=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_269-default-11-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Fri May 8 16:30:51 2026
From: null at suse.de (SLE-UPDATES)
Date: Fri, 08 May 2026 16:30:51 -0000
Subject: SUSE-SU-2026:1765-1: important: Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5)
Message-ID: <177825785173.899.17780910126738313456@2df5abbbd056>

# Security update for the Linux Kernel (Live Patch 69 for SUSE Linux Enterprise 12 SP5)

Announcement ID: SUSE-SU-2026:1765-1
Release Date: 2026-05-08T11:04:21Z
Rating: important
References:

* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 4.12.14-122.261 fixes various security issues.

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
    zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-1765=1 SUSE-SLE-Live-Patching-12-SP5-2026-1766=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_258-default-15-2.1
  * kgraft-patch-4_12_14-122_261-default-14-2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689
URL: From null at suse.de Fri May 8 16:30:54 2026 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 May 2026 16:30:54 -0000 Subject: SUSE-SU-2026:1764-1: moderate: Security update for vim Message-ID: <177825785474.899.2477399029027839139@2df5abbbd056> # Security update for vim Announcement ID: SUSE-SU-2026:1764-1 Release Date: 2026-05-08T10:39:49Z Rating: moderate References: * bsc#1261833 Cross-References: * CVE-2026-39881 CVSS scores: * CVE-2026-39881 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-39881 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N * CVE-2026-39881 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N * CVE-2026-39881 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for vim fixes the following issue: Security fixes: * CVE-2026-39881: command injection in NetBeans interface can lead to arbitrary file reads and writes (bsc#1261833). Other fixes: * Update to 9.2.0398. 
* 9.2.0398: MS-Windows: missing strptime() support * 9.2.0397: tabpanel: double-click opens a new tab * 9.2.0396: tests: Test_error_callback_terminal is flaky on macOS * 9.2.0395: tests: Test_backupskip() may read from $HOME * 9.2.0394: xxd: offsets greater than LONG_MAX print as negative * 9.2.0393: MS-Windows: link error with XPM support on UCRT64 * 9.2.0392: tests: Some tests are flaky * 9.2.0391: tests: Comment in test_vim9_cmd breaks syntax highlighting * 9.2.0390: filetype: some Beancount files are not recognized * 9.2.0389: DECRQM still leaves stray "pp" on Apple Terminal.app * 9.2.0388: strange indent in update_topline() * 9.2.0387: DECRQM request may leave stray chars in terminal * 9.2.0386: No scroll/scrollbar support in the tabpanel * 9.2.0385: Integer overflow with "ze" and large 'sidescrolloff' * 9.2.0384: stale Insstart after cursor move breaks undo * 9.2.0383: [security]: runtime(netrw): shell-injection via sftp: and file: URLs * 9.2.0382: Wayland: focus-stealing is non-working * 9.2.0381: Vim9: Missing check_secure() in exec_instructions() * 9.2.0380: completion: a few issues in completion code * 9.2.0379: gui.color_approx is never used * 9.2.0378: Using int as bool type in win_T struct * 9.2.0377: Using int as bool type in gui_T struct * 9.2.0376: Vim9: elseif condition compiled in dead branch * 9.2.0375: prop_find() does not find a virt text in starting line * 9.2.0374: c_CTRL-{G,T} does not handle offset * 9.2.0373: Ctrl-R mapping not triggered during completion * 9.2.0372: pum: rendering issues with multibyte text and opacity * 9.2.0371: filetype: ghostty config files are not recognized * 9.2.0370: duplicate code with literal string_T assignment * 9.2.0369: multiple definitions of STRING_INIT macro * 9.2.0368: too many strlen() calls when adding strings to dicts * 9.2.0367: runtime(netrw): ~ note expanded on MS Windows * 9.2.0366: pum: flicker when updating pum in place * 9.2.0365: using int as bool * 9.2.0364: tests: 
test_smoothscroll_textoff_showbreak() fails * 9.2.0363: Vim9: variable shadowed by script-local function * 9.2.0362: division by zero with smoothscroll and small windows * 9.2.0361: tests: no tests for ch_listen() with IPs * 9.2.0360: Cannot handle mouse-clicks in the tabpanel * 9.2.0359: wrong VertSplitNC highlighting on winbar * 9.2.0358: runtime(vimball): still path traversal attacks possible * 9.2.0357: [security]: command injection via backticks in tag files * 9.2.0356: Cannot apply 'scrolloff' context lines at end of file * 9.2.0355: runtime(tar): missing path traversal checks in tar#Extract() * 9.2.0354: filetype: not all Bitbake include files are recognized * 9.2.0353: Missing out-of-memory check in register.c * 9.2.0352: 'winhighlight' of left window blends into right window * 9.2.0351: repeat_string() can be improved * 9.2.0350: Enabling modelines poses a risk * 9.2.0349: cannot style non-current window separator * 9.2.0348: potential buffer underrun when setting statusline like option * 9.2.0347: Vim9: script-local variable not found * 9.2.0346: Wrong cursor position when entering command line window * 9.2.0345: Wrong autoformatting with 'autocomplete' * 9.2.0344: channel: ch_listen() can bind to network interface * 9.2.0343: tests: test_clientserver may fail on slower systems * 9.2.0342: tests: test_excmd.vim leaves swapfiles behind * 9.2.0341: some functions can be run from the sandbox * 9.2.0340: pum_redraw() may cause flicker * 9.2.0339: regexp: nfa_regmatch() allocates and frees too often * 9.2.0338: Cannot handle mouseclicks in the tabline * 9.2.0337: list indexing broken on big-endian 32-bit platforms * 9.2.0336: libvterm: no terminal reflow support * 9.2.0335: json_encode() uses recursive algorithm * 9.2.0334: GTK: window geometry shrinks with with client-side decorations * 9.2.0333: filetype: PklProject files are not recognized * 9.2.0332: popup: still opacity rendering issues * 9.2.0331: spellfile: stack buffer overflows in spell file 
generation * 9.2.0330: tests: some patterns in tar and zip plugin tests not strict enough * 9.2.0329: tests: test_indent.vim leaves swapfiles behind * 9.2.0328: Cannot handle mouseclicks in the statusline * 9.2.0327: filetype: uv scripts are not detected * 9.2.0326: runtime(tar): but with dotted path * 9.2.0325: runtime(tar): bug in zstd handling * 9.2.0324: 0x9b byte not unescaped in mapping * 9.2.0323: filetype: buf.lock files are not recognized * 9.2.0322: tests: test_popupwin fails * 9.2.0321: MS-Windows: No OpenType font support * 9.2.0320: several bugs with text properties * 9.2.0319: popup: rendering issues with partially transparent popups * 9.2.0318: cannot configure opacity for popup menu * 9.2.0317: listener functions do not check secure flag * 9.2.0316: [security]: command injection in netbeans interface via defineAnnoType * 9.2.0315: missing bound-checks * 9.2.0314: channel: can bind to all network interfaces * 9.2.0313: Callback channel not registered in GUI * 9.2.0312: C-type names are marked as translatable * 9.2.0311: redrawing logic with text properties can be improved * 9.2.0310: unnecessary work in vim_strchr() and find_term_bykeys() * 9.2.0309: Missing out-of-memory check to may_get_cmd_block() * 9.2.0308: Error message E1547 is wrong * 9.2.0307: more mismatches between return types and documentation * 9.2.0306: runtime(tar): some issues with lz4 support * 9.2.0305: mismatch between return types and documentation * 9.2.0304: tests: test for 9.2.0285 doesn't always fail without the fix * 9.2.0303: tests: zip plugin tests don't check for warning message properly * 9.2.0302: runtime(netrw): RFC2396 decoding double escaping spaces * 9.2.0301: Vim9: void function return value inconsistent * 9.2.0300: The vimball plugin needs some love * 9.2.0299: runtime(zip): may write using absolute paths * 9.2.0298: Some internal variables are not modified * 9.2.0297: libvterm: can improve CSI overflow code * 9.2.0296: Redundant and incorrect integer pointer 
casts in drawline.c * 9.2.0295: 'showcmd' shows wrong Visual block size with 'linebreak' * 9.2.0294: if_lua: lua interface does not work with lua 5.5 * 9.2.0293: :packadd may lead to heap-buffer-overflow * 9.2.0292: E340 internal error when using method call on void value * 9.2.0291: too many strlen() calls * 9.2.0290: Amiga: no support for AmigaOS 3.x * 9.2.0289: 'linebreak' may lead to wrong Visual block highlighting * 9.2.0288: libvterm: signed integer overflow parsing long CSI args * 9.2.0287: filetype: not all ObjectScript routines are recognized * 9.2.0286: still some unnecessary (int) casts in alloc() * 9.2.0285: :syn sync grouphere may go beyond end of line * 9.2.0284: tabpanel: crash when tabpanel expression returns variable line count * 9.2.0283: unnecessary (int) casts before alloc() calls * 9.2.0282: tests: Test_viminfo_len_overflow() fails * 9.2.0281: tests: Test_netrw_FileUrlEdit.. fails on Windows ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1764=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * vim-debuginfo-9.2.0398-17.65.1 * vim-9.2.0398-17.65.1 * gvim-9.2.0398-17.65.1 * gvim-debuginfo-9.2.0398-17.65.1 * vim-debugsource-9.2.0398-17.65.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * vim-data-common-9.2.0398-17.65.1 * vim-data-9.2.0398-17.65.1 ## References: * https://www.suse.com/security/cve/CVE-2026-39881.html * https://bugzilla.suse.com/show_bug.cgi?id=1261833
From null at suse.de Fri May 8 16:30:57 2026 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 May 2026 16:30:57 -0000 Subject: SUSE-SU-2026:1763-1: important: Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid Message-ID: <177825785778.899.3292247495713186696@2df5abbbd056> # Security update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provid Announcement ID: SUSE-SU-2026:1763-1 Release Date: 2026-05-08T08:59:32Z Rating: important References: * bsc#1239324 Cross-References: * CVE-2025-22869 CVSS scores: * CVE-2025-22869 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-22869 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-22869 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed.
## Description: This update for terraform-provider-aws, terraform-provider-azurerm, terraform-provider-external, terraform-provider-google, terraform-provider-helm, terraform-provider-kubernetes, terraform-provider-local, terraform-provider-random, terraform-provider-tls fixes the following issues: * CVE-2025-22869: golang.org/x/crypto/ssh: denial of service when clients do not complete the key exchange in SSH servers which implement file transfer protocols (bsc#1239324). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-1763=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2026-1763=1 ## Package List: * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * terraform-provider-external-2.0.0-150200.6.6.1 * terraform-provider-azurerm-2.32.0-150200.6.6.1 * terraform-provider-google-3.43.0-150200.6.6.1 * terraform-provider-helm-2.9.0-150200.6.17.1 * terraform-provider-tls-3.0.0-150200.5.9.1 * terraform-provider-kubernetes-1.13.2-150200.6.6.1 * terraform-provider-random-3.0.0-150200.6.9.1 * terraform-provider-aws-3.11.0-150200.6.12.1 * terraform-provider-local-2.0.0-150200.6.11.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * terraform-provider-external-2.0.0-150200.6.6.1 * terraform-provider-azurerm-2.32.0-150200.6.6.1 * terraform-provider-google-3.43.0-150200.6.6.1 * terraform-provider-helm-2.9.0-150200.6.17.1 * terraform-provider-tls-3.0.0-150200.5.9.1 * terraform-provider-kubernetes-1.13.2-150200.6.6.1 * terraform-provider-random-3.0.0-150200.6.9.1 * terraform-provider-aws-3.11.0-150200.6.12.1 * terraform-provider-local-2.0.0-150200.6.11.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22869.html * https://bugzilla.suse.com/show_bug.cgi?id=1239324
From null at suse.de Fri May 8 16:31:07 2026 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 May 2026 16:31:07 -0000 Subject: SUSE-SU-2026:1762-1: important: Security update for strongswan Message-ID: <177825786729.899.13670157809817896261@2df5abbbd056> # Security update for strongswan Announcement ID: SUSE-SU-2026:1762-1 Release Date: 2026-05-08T08:58:30Z Rating: important References: * bsc#1261705 * bsc#1261706 * bsc#1261708 * bsc#1261717 * bsc#1261718 * bsc#1261720 Cross-References: * CVE-2026-35329 * CVE-2026-35330 * CVE-2026-35331 * CVE-2026-35332 * CVE-2026-35333 * CVE-2026-35334 CVSS scores: * CVE-2026-35329 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35329 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35330 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-35330 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-35331 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-35331 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-35332 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35332 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35333 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35333 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35334 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35334 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An
update that solves six vulnerabilities can now be installed. ## Description: This update for strongswan fixes the following issues: * CVE-2026-35329: NULL pointer dereference when processing padding in PKCS#7 (bsc#1261717). * CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attributes (bsc#1261705). * CVE-2026-35331: acceptance of certificates violating X.509 name constraints (bsc#1261718). * CVE-2026-35332: NULL pointer dereference when handling ECDH public value in TLS (bsc#1261708). * CVE-2026-35333: integer underflow when handling RADIUS attributes (bsc#1261706). * CVE-2026-35334: possible NULL pointer dereference in RSA decryption (bsc#1261720). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-1762=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1762=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * strongswan-libs0-5.1.3-26.35.1 * strongswan-hmac-5.1.3-26.35.1 * strongswan-ipsec-5.1.3-26.35.1 * strongswan-ipsec-debuginfo-5.1.3-26.35.1 * strongswan-5.1.3-26.35.1 * strongswan-debugsource-5.1.3-26.35.1 * strongswan-libs0-debuginfo-5.1.3-26.35.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * strongswan-doc-5.1.3-26.35.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * strongswan-libs0-5.1.3-26.35.1 * strongswan-hmac-5.1.3-26.35.1 * strongswan-ipsec-5.1.3-26.35.1 * strongswan-ipsec-debuginfo-5.1.3-26.35.1 * strongswan-5.1.3-26.35.1 * strongswan-debugsource-5.1.3-26.35.1 * strongswan-libs0-debuginfo-5.1.3-26.35.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * strongswan-doc-5.1.3-26.35.1 ## References: * 
https://www.suse.com/security/cve/CVE-2026-35329.html * https://www.suse.com/security/cve/CVE-2026-35330.html * https://www.suse.com/security/cve/CVE-2026-35331.html * https://www.suse.com/security/cve/CVE-2026-35332.html * https://www.suse.com/security/cve/CVE-2026-35333.html * https://www.suse.com/security/cve/CVE-2026-35334.html * https://bugzilla.suse.com/show_bug.cgi?id=1261705 * https://bugzilla.suse.com/show_bug.cgi?id=1261706 * https://bugzilla.suse.com/show_bug.cgi?id=1261708 * https://bugzilla.suse.com/show_bug.cgi?id=1261717 * https://bugzilla.suse.com/show_bug.cgi?id=1261718 * https://bugzilla.suse.com/show_bug.cgi?id=1261720 From null at suse.de Fri May 8 16:31:14 2026 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 May 2026 16:31:14 -0000 Subject: SUSE-SU-2026:1761-1: important: Security update for nginx Message-ID: <177825787413.899.14677251032551835030@2df5abbbd056> # Security update for nginx Announcement ID: SUSE-SU-2026:1761-1 Release Date: 2026-05-08T08:58:17Z Rating: important References: * bsc#1257675 * bsc#1260416 * bsc#1260417 * bsc#1260418 Cross-References: * CVE-2026-1642 * CVE-2026-27654 * CVE-2026-27784 * CVE-2026-28753 CVSS scores: * CVE-2026-1642 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-1642 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-1642 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-1642 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-27654 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-27654 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-27654 ( NVD ): 8.8
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27654 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2026-27784 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-27784 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-27784 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-27784 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-27784 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-28753 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-28753 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-28753 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-28753 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves four vulnerabilities can now be installed. ## Description: This update for nginx fixes the following issues: * CVE-2026-1642: plain text data injection into the response from an upstream proxied server via MITM attack (bsc#1257675). 
* CVE-2026-27654: buffer overflow in the NGINX worker process via the `ngx_http_dav_module` module (bsc#1260416). * CVE-2026-27784: NGINX worker memory overread or overwrite via a specially crafted MP4 file (bsc#1260417). * CVE-2026-28753: arbitrary header injection into SMTP upstream requests via attacker-controlled DNS server (bsc#1260418). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1761=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-1761=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1761=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1761=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * nginx-debugsource-1.21.5-150600.10.15.1 * nginx-debuginfo-1.21.5-150600.10.15.1 * nginx-1.21.5-150600.10.15.1 * openSUSE Leap 15.6 (noarch) * nginx-source-1.21.5-150600.10.15.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * nginx-debugsource-1.21.5-150600.10.15.1 * nginx-debuginfo-1.21.5-150600.10.15.1 * nginx-1.21.5-150600.10.15.1 * Server Applications Module 15-SP7 (noarch) * nginx-source-1.21.5-150600.10.15.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * nginx-debugsource-1.21.5-150600.10.15.1 * nginx-debuginfo-1.21.5-150600.10.15.1 * nginx-1.21.5-150600.10.15.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * nginx-source-1.21.5-150600.10.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * nginx-debugsource-1.21.5-150600.10.15.1 * nginx-debuginfo-1.21.5-150600.10.15.1 * nginx-1.21.5-150600.10.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * 
nginx-source-1.21.5-150600.10.15.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1642.html * https://www.suse.com/security/cve/CVE-2026-27654.html * https://www.suse.com/security/cve/CVE-2026-27784.html * https://www.suse.com/security/cve/CVE-2026-28753.html * https://bugzilla.suse.com/show_bug.cgi?id=1257675 * https://bugzilla.suse.com/show_bug.cgi?id=1260416 * https://bugzilla.suse.com/show_bug.cgi?id=1260417 * https://bugzilla.suse.com/show_bug.cgi?id=1260418 From null at suse.de Fri May 8 20:30:07 2026 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 May 2026 20:30:07 -0000 Subject: SUSE-SU-2026:1778-1: important: Security update for the Linux Kernel Message-ID: <177827220758.1062.12166212739006873930@d7d34dcee2d8> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:1778-1 Release Date: 2026-05-08T15:20:23Z Rating: important References: * bsc#1264449 * bsc#1264450 Cross-References: * CVE-2026-43284 * CVE-2026-43500 CVSS scores: * CVE-2026-43284 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43500 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Real Time Module 15-SP7 An update that solves two vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix the following issue: This fixes the DirtyFrag issues: * CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags (bsc#1264449). * CVE-2026-43500: rxrpc and afs modules are disabled (bsc#1264450) ## Special Instructions and Notes: * Please reboot the system after installing this update.
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1778=1 * SUSE Real Time Module 15-SP7 zypper in -t patch SUSE-SLE-Module-RT-15-SP7-2026-1778=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (x86_64) * kernel-livepatch-SLE15-SP7-RT_Update_13-debugsource-1-150700.1.3.1 * kernel-livepatch-6_4_0-150700_7_44-rt-1-150700.1.3.1 * kernel-livepatch-6_4_0-150700_7_44-rt-debuginfo-1-150700.1.3.1 * SUSE Real Time Module 15-SP7 (x86_64) * kernel-rt-debuginfo-6.4.0-150700.7.44.1 * ocfs2-kmp-rt-debuginfo-6.4.0-150700.7.44.1 * kernel-rt-devel-6.4.0-150700.7.44.1 * cluster-md-kmp-rt-6.4.0-150700.7.44.1 * ocfs2-kmp-rt-6.4.0-150700.7.44.1 * dlm-kmp-rt-debuginfo-6.4.0-150700.7.44.1 * gfs2-kmp-rt-debuginfo-6.4.0-150700.7.44.1 * cluster-md-kmp-rt-debuginfo-6.4.0-150700.7.44.1 * kernel-rt-debugsource-6.4.0-150700.7.44.1 * kernel-rt-devel-debuginfo-6.4.0-150700.7.44.1 * gfs2-kmp-rt-6.4.0-150700.7.44.1 * dlm-kmp-rt-6.4.0-150700.7.44.1 * kernel-syms-rt-6.4.0-150700.7.44.1 * SUSE Real Time Module 15-SP7 (noarch) * kernel-source-rt-6.4.0-150700.7.44.1 * kernel-devel-rt-6.4.0-150700.7.44.1 * SUSE Real Time Module 15-SP7 (nosrc x86_64) * kernel-rt-6.4.0-150700.7.44.1 ## References: * https://www.suse.com/security/cve/CVE-2026-43284.html * https://www.suse.com/security/cve/CVE-2026-43500.html * https://bugzilla.suse.com/show_bug.cgi?id=1264449 * https://bugzilla.suse.com/show_bug.cgi?id=1264450
From null at suse.de Fri May 8 20:30:12 2026 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 May 2026 20:30:12 -0000 Subject: SUSE-SU-2026:1775-1: important: Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP7) Message-ID: <177827221203.1062.18164199108058902121@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP7) Announcement ID: SUSE-SU-2026:1775-1 Release Date: 2026-05-08T12:04:33Z Rating: important References: * bsc#1263689 Cross-References: * CVE-2026-31431 CVSS scores: * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150700.53.37 fixes one security issue The following security issue was fixed: * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1775=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_53_37-default-2-150700.2.1 * kernel-livepatch-SLE15-SP7_Update_11-debugsource-2-150700.2.1 * kernel-livepatch-6_4_0-150700_53_37-default-debuginfo-2-150700.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1263689 From null at suse.de Fri May 8 20:30:24 2026 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 May 2026 20:30:24 -0000 Subject: SUSE-SU-2026:1776-1: important: Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP6) Message-ID: <177827222444.1062.4157244583483820595@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise 15 SP6) Announcement ID: SUSE-SU-2026:1776-1 Release Date: 2026-05-08T12:33:55Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258073 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-38375 * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.50 fixes various security issues The following security issues were fixed: * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073). * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). 
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1776=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1776=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1774=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1774=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_170-default-debuginfo-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_170-default-16-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_42-debugsource-16-150400.2.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_170-default-debuginfo-16-150400.2.1 * kernel-livepatch-5_14_21-150400_24_170-default-16-150400.2.1 * kernel-livepatch-SLE15-SP4_Update_42-debugsource-16-150400.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_50-default-debuginfo-16-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_11-debugsource-16-150600.2.1 * kernel-livepatch-6_4_0-150600_23_50-default-16-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_50-default-debuginfo-16-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_11-debugsource-16-150600.2.1 * kernel-livepatch-6_4_0-150600_23_50-default-16-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * 
https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258073 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 From null at suse.de Fri May 8 20:30:30 2026 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 May 2026 20:30:30 -0000 Subject: SUSE-SU-2026:1773-1: important: Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5) Message-ID: <177827223023.1062.6035702959632477466@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5) Announcement ID: SUSE-SU-2026:1773-1 Release Date: 2026-05-08T15:33:54Z Rating: important References: * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux
Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 4.12.14-122.290 fixes various security issues The following security issues were fixed: * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-1779=1 SUSE-SLE-Live-Patching-12-SP5-2026-1773=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_290-default-6-2.1 * kgraft-patch-4_12_14-122_272-default-10-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Fri May 8 20:30:34 2026 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 May 2026 20:30:34 -0000 Subject: SUSE-SU-2026:1777-1: important: Security update for the Linux Kernel Message-ID: <177827223467.1062.10473952844856210827@d7d34dcee2d8> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:1777-1 Release Date: 2026-05-08T13:10:13Z Rating: important References: * bsc#1246057 * bsc#1259797 Cross-References: * CVE-2025-38234 * CVE-2026-23243 CVSS scores: * CVE-2025-38234 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-38234 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-38234 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23243 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE An update that solves two vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: * CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057). * CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259797). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2026-1777=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2026-1777=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (nosrc x86_64) * kernel-trace-3.0.101-108.207.1 * kernel-xen-3.0.101-108.207.1 * kernel-default-3.0.101-108.207.1 * kernel-ec2-3.0.101-108.207.1 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (x86_64) * kernel-ec2-debugsource-3.0.101-108.207.1 * kernel-ec2-devel-3.0.101-108.207.1 * kernel-default-debugsource-3.0.101-108.207.1 * kernel-trace-devel-debuginfo-3.0.101-108.207.1 * kernel-xen-debuginfo-3.0.101-108.207.1 * kernel-default-debuginfo-3.0.101-108.207.1 * kernel-trace-debugsource-3.0.101-108.207.1 * kernel-trace-base-3.0.101-108.207.1 * kernel-xen-devel-debuginfo-3.0.101-108.207.1 * kernel-syms-3.0.101-108.207.1 * kernel-default-base-3.0.101-108.207.1 * kernel-default-devel-debuginfo-3.0.101-108.207.1 * kernel-xen-devel-3.0.101-108.207.1 * kernel-trace-devel-3.0.101-108.207.1 * kernel-source-3.0.101-108.207.1 * kernel-xen-debugsource-3.0.101-108.207.1 * kernel-ec2-base-3.0.101-108.207.1 * kernel-trace-debuginfo-3.0.101-108.207.1 * kernel-default-devel-3.0.101-108.207.1 * kernel-ec2-debuginfo-3.0.101-108.207.1 * kernel-ec2-devel-debuginfo-3.0.101-108.207.1 * kernel-xen-base-3.0.101-108.207.1 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE (noarch nosrc) * kernel-docs-3.0.101-108.207.1 * SUSE Linux Enterprise Server 11 SP4 (nosrc x86_64) * kernel-trace-3.0.101-108.207.1 * kernel-xen-3.0.101-108.207.1 * kernel-default-3.0.101-108.207.1 * kernel-ec2-3.0.101-108.207.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * kernel-ec2-debugsource-3.0.101-108.207.1 * kernel-ec2-devel-3.0.101-108.207.1 * kernel-default-debugsource-3.0.101-108.207.1 * 
kernel-trace-devel-debuginfo-3.0.101-108.207.1 * kernel-xen-debuginfo-3.0.101-108.207.1 * kernel-default-debuginfo-3.0.101-108.207.1 * kernel-trace-debugsource-3.0.101-108.207.1 * kernel-trace-base-3.0.101-108.207.1 * kernel-xen-devel-debuginfo-3.0.101-108.207.1 * kernel-syms-3.0.101-108.207.1 * kernel-default-base-3.0.101-108.207.1 * kernel-default-devel-debuginfo-3.0.101-108.207.1 * kernel-xen-devel-3.0.101-108.207.1 * kernel-trace-devel-3.0.101-108.207.1 * kernel-source-3.0.101-108.207.1 * kernel-xen-debugsource-3.0.101-108.207.1 * kernel-ec2-base-3.0.101-108.207.1 * kernel-trace-debuginfo-3.0.101-108.207.1 * kernel-default-devel-3.0.101-108.207.1 * kernel-ec2-debuginfo-3.0.101-108.207.1 * kernel-ec2-devel-debuginfo-3.0.101-108.207.1 * kernel-xen-base-3.0.101-108.207.1 * SUSE Linux Enterprise Server 11 SP4 (noarch nosrc) * kernel-docs-3.0.101-108.207.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38234.html * https://www.suse.com/security/cve/CVE-2026-23243.html * https://bugzilla.suse.com/show_bug.cgi?id=1246057 * https://bugzilla.suse.com/show_bug.cgi?id=1259797
From null at suse.de Mon May 11 08:30:22 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:30:22 -0000 Subject: SUSE-SU-2026:1804-1: important: Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP5) Message-ID: <177848822245.2501.8554516059090142373@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 33 for SUSE Linux Enterprise 15 SP5) Announcement ID: SUSE-SU-2026:1804-1 Release Date: 2026-05-09T16:04:42Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258073 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-38375 * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.130 fixes various security issues The following security issues were fixed: * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073). * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-1804=1 SUSE-2026-1805=1 SUSE-2026-1806=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-1804=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-1805=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-1806=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_130-default-debuginfo-6-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_33-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_124-default-debuginfo-9-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_31-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_124-default-9-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_28-debugsource-16-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-16-150500.2.1 * kernel-livepatch-5_14_21-150500_55_130-default-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-16-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_130-default-debuginfo-6-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_33-debugsource-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_124-default-debuginfo-9-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_31-debugsource-9-150500.2.1 * kernel-livepatch-5_14_21-150500_55_124-default-9-150500.2.1 * kernel-livepatch-SLE15-SP5_Update_28-debugsource-16-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-debuginfo-16-150500.2.1 * kernel-livepatch-5_14_21-150500_55_130-default-6-150500.2.1 * kernel-livepatch-5_14_21-150500_55_113-default-16-150500.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * 
https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258073 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 From null at suse.de Mon May 11 08:30:26 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:30:26 -0000 Subject: SUSE-RU-2026:21577-1: moderate: Recommended update for libica Message-ID: <177848822695.2501.13661206538219063165@d7d34dcee2d8> # Recommended update for libica Announcement ID: SUSE-RU-2026:21577-1 Release Date: 2026-05-04T10:52:50Z Rating: moderate References: * bsc#952871 Affected Products: * SUSE Linux Enterprise Server 16.0 An update that has one fix can now be installed. ## Description: This update for libica fixes the following issues: * Upgrade libica to version 4.4.1. * Applied a patch for FIPS 140-3 project for SLES16.0 and SL Micro 6.2. * Removed obsolete patch. * Move unversioned libica.so from tools to libica4 subpackage to ensure openssl-ibmca can reliably load it via DSO_load() in minimal environments (bsc#952871). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-673=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (s390x) * libica-devel-4.4.1-160000.1.1 * libica4-debuginfo-4.4.1-160000.1.1 * libica-tools-4.4.1-160000.1.1 * libica-debuginfo-4.4.1-160000.1.1 * libica-tools-debuginfo-4.4.1-160000.1.1 * libica-debugsource-4.4.1-160000.1.1 * libica4-4.4.1-160000.1.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=952871 From null at suse.de Mon May 11 08:30:31 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:30:31 -0000 Subject: SUSE-RU-2026:21576-1: important: Recommended update for rear29a Message-ID: <177848823104.2501.14810963495117457887@d7d34dcee2d8> # Recommended update for rear29a Announcement ID: SUSE-RU-2026:21576-1 Release Date: 2026-05-07T14:29:52Z Rating: important References: * bsc#1246136 * jsc#PED-14688 * jsc#PED-14776 Affected Products: * SUSE Linux Enterprise Server for SAP applications 16.0 An update that contains two features and has one fix can now be installed. ## Description: This update for rear29a fixes the following issues: * SLE16 fixes * Aligning with upstream pull requests (#bsc1246136). * For SLE 16 and openSUSE Leap 16.x and openSUSE Factory, set OS_VERSION="16" in `/etc/rear/os.conf`. * Fix packages for Immutable Mode (jsc#PED-14776, jsc#PED-14688). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-719=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * rear29a-2.9-160000.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1246136 * https://jira.suse.com/browse/PED-14688 * https://jira.suse.com/browse/PED-14776 From null at suse.de Mon May 11 08:31:09 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:31:09 -0000 Subject: SUSE-RU-2026:21569-1: moderate: Recommended update for nvidia-open-driver-G07-signed Message-ID: <177848826935.2501.2772292980184630449@d7d34dcee2d8> # Recommended update for nvidia-open-driver-G07-signed Announcement ID: SUSE-RU-2026:21569-1 Release Date: 2026-05-06T17:36:35Z Rating: moderate References: * bsc#1212841 * bsc#1262574 Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that has two fixes can now be installed. ## Description: This update for nvidia-open-driver-G07-signed fixes the following issues: Changes in nvidia-open-driver-G07-signed: * update CUDA variant to 595.71.05 * update non-CUDA variant to 595.71.05 (boo#1262574) * get rid of confusing objtool warnings (boo#1212841) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-712=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-712=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * nvidia-open-driver-G07-signed-cuda-debugsource-595.71.05-160000.1.1 * nvidia-open-driver-G07-signed-cuda-default-devel-595.71.05-160000.1.1 * nvidia-open-driver-G07-signed-default-devel-595.71.05-160000.1.1 * nvidia-open-driver-G07-signed-cuda-kmp-default-debuginfo-595.71.05_k6.12.0_160000.29-160000.1.1 * nvidia-open-driver-G07-signed-kmp-default-debuginfo-595.71.05_k6.12.0_160000.29-160000.1.1 * nvidia-open-driver-G07-signed-kmp-default-595.71.05_k6.12.0_160000.29-160000.1.1 * nvidia-open-driver-G07-signed-cuda-kmp-default-595.71.05_k6.12.0_160000.29-160000.1.1 * nvidia-open-driver-G07-signed-debugsource-595.71.05-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64) * nvidia-open-driver-G07-signed-kmp-64kb-595.71.05_k6.12.0_160000.29-160000.1.1 * nvidia-open-driver-G07-signed-64kb-devel-595.71.05-160000.1.1 * nvidia-open-driver-G07-signed-cuda-64kb-devel-595.71.05-160000.1.1 * nvidia-open-driver-G07-signed-kmp-64kb-debuginfo-595.71.05_k6.12.0_160000.29-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 x86_64) * nvidia-open-driver-G07-signed-cuda-debugsource-595.71.05-160000.1.1 * nvidia-open-driver-G07-signed-cuda-default-devel-595.71.05-160000.1.1 * nvidia-open-driver-G07-signed-default-devel-595.71.05-160000.1.1 * nvidia-open-driver-G07-signed-cuda-kmp-default-debuginfo-595.71.05_k6.12.0_160000.29-160000.1.1 * nvidia-open-driver-G07-signed-kmp-default-debuginfo-595.71.05_k6.12.0_160000.29-160000.1.1 * nvidia-open-driver-G07-signed-kmp-default-595.71.05_k6.12.0_160000.29-160000.1.1 * nvidia-open-driver-G07-signed-cuda-kmp-default-595.71.05_k6.12.0_160000.29-160000.1.1 * nvidia-open-driver-G07-signed-debugsource-595.71.05-160000.1.1 ## 
References: * https://bugzilla.suse.com/show_bug.cgi?id=1212841 * https://bugzilla.suse.com/show_bug.cgi?id=1262574 From null at suse.de Mon May 11 08:30:36 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:30:36 -0000 Subject: SUSE-SU-2026:21575-1: moderate: Security update for openCryptoki Message-ID: <177848823628.2501.6083225000427692113@d7d34dcee2d8> # Security update for openCryptoki Announcement ID: SUSE-SU-2026:21575-1 Release Date: 2026-05-07T09:52:13Z Rating: moderate References: * bsc#1262283 * bsc#1263819 * jsc#PED-14609 Cross-References: * CVE-2026-40253 CVSS scores: * CVE-2026-40253 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-40253 ( SUSE ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-40253 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-40253 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability, contains one feature and has one fix can now be installed. ## Description: This update for openCryptoki fixes the following issues Security issue: * CVE-2026-40253: Updated fix for malformed BER-encoded cryptographic objects (bsc#1262283). Non security issue: * Refactored .spec file to fully support transactional and immutable operating systems (jsc#PED-14609): * Migrated user and group creation (pkcs11, pkcsslotd) from imperative %pre shell commands to declarative systemd-sysusers configuration. * Replaced manual /var directory tracking and %ghost directives with comprehensive systemd-tmpfiles configurations. * Implemented dynamic, architecture-specific tmpfiles.d generation to properly provision hardware-specific token directories (e.g., ccatok, ep11tok, lite, and HSM_MK_CHANGE).
* Fixed permissions for /run/opencryptoki within tmpfiles.d to ensure the daemon can successfully drop privileges and bind its communication socket. * Moved 32-bit and 64-bit shared library symlink creation (such as PKCS11_API.so, stdll, and methods) from %post scriptlets into the %install phase, ensuring they are correctly packaged and tracked on the read-only /usr partition. * Removed legacy /etc/pkcs11 bash migration logic from %post, replacing it with a declarative tmpfiles.d symlink rule. * Cleaned up scriptlets to only execute transaction-safe macros (such as ldconfig and systemd service handlers). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-718=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-718=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * openCryptoki-64bit-debuginfo-3.26.0-160000.2.1 * openCryptoki-64bit-3.26.0-160000.2.1 * openCryptoki-debugsource-3.26.0-160000.2.1 * openCryptoki-debuginfo-3.26.0-160000.2.1 * openCryptoki-devel-3.26.0-160000.2.1 * openCryptoki-3.26.0-160000.2.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * openCryptoki-64bit-debuginfo-3.26.0-160000.2.1 * openCryptoki-64bit-3.26.0-160000.2.1 * openCryptoki-debugsource-3.26.0-160000.2.1 * openCryptoki-debuginfo-3.26.0-160000.2.1 * openCryptoki-devel-3.26.0-160000.2.1 * openCryptoki-3.26.0-160000.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40253.html * https://bugzilla.suse.com/show_bug.cgi?id=1262283 * https://bugzilla.suse.com/show_bug.cgi?id=1263819 * https://jira.suse.com/browse/PED-14609
From null at suse.de Mon May 11 08:31:24 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:31:24 -0000 Subject: SUSE-SU-2026:21564-1: moderate: Security update for Mesa Message-ID: <177848828424.2501.6295894209842692780@d7d34dcee2d8> # Security update for Mesa Announcement ID: SUSE-SU-2026:21564-1 Release Date: 2026-05-06T10:15:45Z Rating: moderate References: * bsc#1261911 * bsc#1261998 Cross-References: * CVE-2026-40393 CVSS scores: * CVE-2026-40393 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2026-40393 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40393 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for Mesa fixes the following issue: * CVE-2026-40393: out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party (bsc#1261998). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-707=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-707=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * Mesa-dri-devel-24.3.3-160000.3.1 * Mesa-libRusticlOpenCL-debuginfo-24.3.3-160000.3.1 * Mesa-libGLESv3-devel-24.3.3-160000.3.1 * Mesa-dri-24.3.3-160000.3.1 * Mesa-libva-24.3.3-160000.3.1 * Mesa-libGL-devel-24.3.3-160000.3.1 * libvdpau_r600-24.3.3-160000.3.1 * Mesa-24.3.3-160000.3.1 * libOSMesa8-debuginfo-24.3.3-160000.3.1 * Mesa-devel-24.3.3-160000.3.1 * Mesa-dri-nouveau-24.3.3-160000.3.1 * Mesa-libglapi-devel-24.3.3-160000.3.1 * libvdpau_radeonsi-24.3.3-160000.3.1 * Mesa-libEGL-devel-24.3.3-160000.3.1 * Mesa-libOpenCL-24.3.3-160000.3.1 * Mesa-libEGL1-debuginfo-24.3.3-160000.3.1 * Mesa-KHR-devel-24.3.3-160000.3.1 * Mesa-libglapi0-24.3.3-160000.3.1 * Mesa-gallium-24.3.3-160000.3.1 * libgbm-devel-24.3.3-160000.3.1 * Mesa-libGL1-debuginfo-24.3.3-160000.3.1 * Mesa-dri-debuginfo-24.3.3-160000.3.1 * libvdpau_nouveau-24.3.3-160000.3.1 * Mesa-debugsource-24.3.3-160000.3.1 * Mesa-libGLESv1_CM-devel-24.3.3-160000.3.1 * Mesa-libGLESv2-devel-24.3.3-160000.3.1 * libxatracker2-1.0.0-160000.3.1 * libOSMesa8-24.3.3-160000.3.1 * Mesa-gallium-debuginfo-24.3.3-160000.3.1 * libxatracker-devel-1.0.0-160000.3.1 * libgbm1-debuginfo-24.3.3-160000.3.1 * libOSMesa-devel-24.3.3-160000.3.1 * Mesa-drivers-debugsource-24.3.3-160000.3.1 * Mesa-libRusticlOpenCL-24.3.3-160000.3.1 * libxatracker2-debuginfo-1.0.0-160000.3.1 * Mesa-libOpenCL-debuginfo-24.3.3-160000.3.1 * Mesa-libEGL1-24.3.3-160000.3.1 * libgbm1-24.3.3-160000.3.1 * libvdpau_virtio_gpu-24.3.3-160000.3.1 * Mesa-libglapi0-debuginfo-24.3.3-160000.3.1 * Mesa-libGL1-24.3.3-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * Mesa-vulkan-overlay-debuginfo-24.3.3-160000.3.1 * 
libvulkan_radeon-debuginfo-24.3.3-160000.3.1 * libvulkan_intel-24.3.3-160000.3.1 * libvulkan_lvp-24.3.3-160000.3.1 * libvulkan_lvp-debuginfo-24.3.3-160000.3.1 * Mesa-vulkan-overlay-24.3.3-160000.3.1 * libvulkan_radeon-24.3.3-160000.3.1 * Mesa-libd3d-24.3.3-160000.3.1 * Mesa-libd3d-debuginfo-24.3.3-160000.3.1 * Mesa-vulkan-device-select-debuginfo-24.3.3-160000.3.1 * Mesa-vulkan-device-select-24.3.3-160000.3.1 * Mesa-libd3d-devel-24.3.3-160000.3.1 * libvulkan_intel-debuginfo-24.3.3-160000.3.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le x86_64) * Mesa-dri-devel-24.3.3-160000.3.1 * Mesa-libRusticlOpenCL-debuginfo-24.3.3-160000.3.1 * Mesa-libGLESv3-devel-24.3.3-160000.3.1 * Mesa-dri-24.3.3-160000.3.1 * Mesa-libva-24.3.3-160000.3.1 * Mesa-libGL-devel-24.3.3-160000.3.1 * libvdpau_r600-24.3.3-160000.3.1 * Mesa-24.3.3-160000.3.1 * libOSMesa8-debuginfo-24.3.3-160000.3.1 * Mesa-devel-24.3.3-160000.3.1 * Mesa-dri-nouveau-24.3.3-160000.3.1 * Mesa-libglapi-devel-24.3.3-160000.3.1 * libvdpau_radeonsi-24.3.3-160000.3.1 * Mesa-libEGL-devel-24.3.3-160000.3.1 * Mesa-libOpenCL-24.3.3-160000.3.1 * Mesa-libEGL1-debuginfo-24.3.3-160000.3.1 * Mesa-KHR-devel-24.3.3-160000.3.1 * Mesa-libglapi0-24.3.3-160000.3.1 * Mesa-gallium-24.3.3-160000.3.1 * libgbm-devel-24.3.3-160000.3.1 * Mesa-libGL1-debuginfo-24.3.3-160000.3.1 * Mesa-dri-debuginfo-24.3.3-160000.3.1 * libvdpau_nouveau-24.3.3-160000.3.1 * Mesa-debugsource-24.3.3-160000.3.1 * Mesa-libGLESv1_CM-devel-24.3.3-160000.3.1 * Mesa-libGLESv2-devel-24.3.3-160000.3.1 * libxatracker2-1.0.0-160000.3.1 * libOSMesa8-24.3.3-160000.3.1 * Mesa-gallium-debuginfo-24.3.3-160000.3.1 * libxatracker-devel-1.0.0-160000.3.1 * libgbm1-debuginfo-24.3.3-160000.3.1 * libOSMesa-devel-24.3.3-160000.3.1 * Mesa-drivers-debugsource-24.3.3-160000.3.1 * Mesa-libRusticlOpenCL-24.3.3-160000.3.1 * libxatracker2-debuginfo-1.0.0-160000.3.1 * Mesa-libOpenCL-debuginfo-24.3.3-160000.3.1 * Mesa-libEGL1-24.3.3-160000.3.1 * libgbm1-24.3.3-160000.3.1 * 
libvdpau_virtio_gpu-24.3.3-160000.3.1 * Mesa-libglapi0-debuginfo-24.3.3-160000.3.1 * Mesa-libGL1-24.3.3-160000.3.1 * SUSE Linux Enterprise Server 16.0 (aarch64) * libvulkan_freedreno-debuginfo-24.3.3-160000.3.1 * Mesa-dri-vc4-24.3.3-160000.3.1 * libvulkan_broadcom-debuginfo-24.3.3-160000.3.1 * libvulkan_freedreno-24.3.3-160000.3.1 * libvulkan_broadcom-24.3.3-160000.3.1 * SUSE Linux Enterprise Server 16.0 (aarch64 x86_64) * Mesa-vulkan-overlay-debuginfo-24.3.3-160000.3.1 * libvulkan_radeon-debuginfo-24.3.3-160000.3.1 * libvulkan_lvp-24.3.3-160000.3.1 * Mesa-vulkan-overlay-24.3.3-160000.3.1 * libvulkan_radeon-24.3.3-160000.3.1 * Mesa-vulkan-device-select-debuginfo-24.3.3-160000.3.1 * Mesa-vulkan-device-select-24.3.3-160000.3.1 * libvulkan_lvp-debuginfo-24.3.3-160000.3.1 * SUSE Linux Enterprise Server 16.0 (x86_64) * libvulkan_intel-24.3.3-160000.3.1 * Mesa-libd3d-24.3.3-160000.3.1 * Mesa-libd3d-debuginfo-24.3.3-160000.3.1 * Mesa-libd3d-devel-24.3.3-160000.3.1 * libvulkan_intel-debuginfo-24.3.3-160000.3.1 * SUSE Linux Enterprise Server 16.0 (s390x) * Mesa-libGLESv2-devel-24.1.7-160000.3.1 * libgbm1-24.1.7-160000.3.1 * Mesa-libglapi0-debuginfo-24.1.7-160000.3.1 * Mesa-devel-24.1.7-160000.3.1 * Mesa-libGL-devel-24.1.7-160000.3.1 * Mesa-libEGL1-24.1.7-160000.3.1 * Mesa-libglapi0-24.1.7-160000.3.1 * libgbm-devel-24.1.7-160000.3.1 * Mesa-drivers-debugsource-24.1.7-160000.3.1 * Mesa-24.1.7-160000.3.1 * Mesa-libEGL1-debuginfo-24.1.7-160000.3.1 * Mesa-dri-debuginfo-24.1.7-160000.3.1 * libgbm1-debuginfo-24.1.7-160000.3.1 * Mesa-libGL1-24.1.7-160000.3.1 * libOSMesa8-24.1.7-160000.3.1 * Mesa-debugsource-24.1.7-160000.3.1 * Mesa-dri-24.1.7-160000.3.1 * Mesa-libglapi-devel-24.1.7-160000.3.1 * Mesa-KHR-devel-24.1.7-160000.3.1 * libOSMesa8-debuginfo-24.1.7-160000.3.1 * Mesa-libGL1-debuginfo-24.1.7-160000.3.1 * Mesa-libGLESv1_CM-devel-24.1.7-160000.3.1 * Mesa-libEGL-devel-24.1.7-160000.3.1 * Mesa-libGLESv3-devel-24.1.7-160000.3.1 * libOSMesa-devel-24.1.7-160000.3.1 * 
Mesa-dri-devel-24.1.7-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40393.html * https://bugzilla.suse.com/show_bug.cgi?id=1261911 * https://bugzilla.suse.com/show_bug.cgi?id=1261998 From null at suse.de Mon May 11 08:30:39 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:30:39 -0000 Subject: SUSE-SU-2026:21574-1: moderate: Security update for c-ares Message-ID: <177848823991.2501.2905923146705520606@d7d34dcee2d8> # Security update for c-ares Announcement ID: SUSE-SU-2026:21574-1 Release Date: 2026-05-07T09:36:47Z Rating: moderate References: * bsc#1254738 Cross-References: * CVE-2025-62408 CVSS scores: * CVE-2025-62408 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-62408 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves one vulnerability can now be installed. ## Description: This update for c-ares fixes the following issue * CVE-2025-62408: use after free in read_answers() (bsc#1254738). Changes for c-ares: * c-ares 1.35.6: * Ignore Windows IDN Search Domains until proper IDN support is added * Various bug fixes ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-717=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-717=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * c-ares-debugsource-1.34.6-160000.1.1 * c-ares-devel-1.34.6-160000.1.1 * libcares2-debuginfo-1.34.6-160000.1.1 * c-ares-utils-debuginfo-1.34.6-160000.1.1 * c-ares-utils-1.34.6-160000.1.1 * libcares2-1.34.6-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * c-ares-debugsource-1.34.6-160000.1.1 * c-ares-devel-1.34.6-160000.1.1 * libcares2-debuginfo-1.34.6-160000.1.1 * c-ares-utils-debuginfo-1.34.6-160000.1.1 * c-ares-utils-1.34.6-160000.1.1 * libcares2-1.34.6-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-62408.html * https://bugzilla.suse.com/show_bug.cgi?id=1254738
From null at suse.de Mon May 11 08:31:50 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:31:50 -0000 Subject: SUSE-SU-2026:21562-1: important: Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) Message-ID: <177848831072.2501.13621820811551651755@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21562-1 Release Date: 2026-05-06T09:16:11Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1261630 * bsc#1261845 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves seven vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-705=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-705=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-SLE16_Update_1-debugsource-9-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-debuginfo-9-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1 * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_1-debugsource-9-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-debuginfo-9-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 
From null at suse.de Mon May 11 08:30:42 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:30:42 -0000
Subject: SUSE-SU-2026:21573-1: low: Security update for cairo
Message-ID: <177848824287.2501.15606517244523323827@d7d34dcee2d8>

# Security update for cairo

Announcement ID: SUSE-SU-2026:21573-1
Release Date: 2026-05-07T09:32:39Z
Rating: low
References:

* bsc#1247589

Cross-References:

* CVE-2025-50422

CVSS scores:

* CVE-2025-50422 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-50422 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2025-50422 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves one vulnerability can now be installed.

## Description:

This update for cairo fixes the following issue:

* CVE-2025-50422: Poppler crash on malformed input (bsc#1247589).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-716=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-716=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * cairo-tools-1.18.4-160000.3.1
  * libcairo-gobject2-debuginfo-1.18.4-160000.3.1
  * libcairo2-1.18.4-160000.3.1
  * libcairo2-debuginfo-1.18.4-160000.3.1
  * cairo-debugsource-1.18.4-160000.3.1
  * cairo-tools-debuginfo-1.18.4-160000.3.1
  * libcairo-script-interpreter2-debuginfo-1.18.4-160000.3.1
  * libcairo-gobject2-1.18.4-160000.3.1
  * cairo-devel-1.18.4-160000.3.1
  * libcairo-script-interpreter2-1.18.4-160000.3.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * cairo-tools-1.18.4-160000.3.1
  * libcairo-gobject2-debuginfo-1.18.4-160000.3.1
  * libcairo2-1.18.4-160000.3.1
  * libcairo2-debuginfo-1.18.4-160000.3.1
  * cairo-debugsource-1.18.4-160000.3.1
  * cairo-tools-debuginfo-1.18.4-160000.3.1
  * libcairo-script-interpreter2-debuginfo-1.18.4-160000.3.1
  * libcairo-gobject2-1.18.4-160000.3.1
  * cairo-devel-1.18.4-160000.3.1
  * libcairo-script-interpreter2-1.18.4-160000.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-50422.html
* https://bugzilla.suse.com/show_bug.cgi?id=1247589

From null at suse.de Mon May 11 08:31:54 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:31:54 -0000
Subject: SUSE-RU-2026:21561-1: moderate: Recommended update for raspberrypi-eeprom
Message-ID: <177848831411.2501.7711568893310831561@d7d34dcee2d8>

# Recommended update for raspberrypi-eeprom

Announcement ID: SUSE-RU-2026:21561-1
Release Date: 2026-05-06T07:26:02Z
Rating: moderate
References:

* bsc#1230279

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that has one fix can now be installed.

## Description:

This update for raspberrypi-eeprom fixes the following issues:

* Update to 2026.01.09:
* arm_loader: Apply rpifwcrypto lock permissions GET/SET USER OTP
* Query all sdram devices for temperature when adjusting refresh
* Add support for more SDRAM die configurations.
* Update to 2025.12.08:
* arm_loader: Add machine ID derived from OTP values
* arm_ldconfig: Avoid double os_prefix on initramfs
* recovery: Use OTP rpiboot GPIO if non-zero
* Manufacture test updates for SDRAM.
* Update to 2025.05.08:
* arm_loader: Correct some mailbox response lengths
* Signed boot and HTTP boot mode
* Implement TCP window for net boot
* netboot: Correct the TCP MSS
* rp1_net: Overwrite the length field
* Correct msecs in debug timestamps
* Implement GET_BOARD_MAC_ADDRESS on Pi5
* Ensure the initramfs matches the kernel
* Enable logging messages from OS loader
* arm_dt: Revert to using the max fan speed
* os_check: cm5: Check for CM5 specific dtbs
* Log the fan speed at boot
* Add current_supply to HAT+ support
* Completely delete strings command check. Fixes (bsc#1230279)
* Update to 2024.06.05:
* Refresh patch
* Update to v2023.10.30:
* Fix SDIO / WiFi clock-setup for BOOT_ORDER=0xf14
* Fix SD power-on-reset
* Firmware support for improved watchdog driver
* Update DHCP Option97 to be R,P,i,5 on Pi5
* Updates from skipped v2023.10.18:
* Add support for HAT gpiomap for improved HAT compatibility.
* Add I2C probe for DSI display auto detect
* Automatically set dtparam=nvme if booted from nvme
* Fix network boot reset issue where only the first attempt works.
* Adding pciex4_reset=0 to config.txt will leave RP1 PCIe enabled when ARM stage is started.
* Prevent HDMI diagnostics being displayed immediately when waking after HALT.
* Update board-name - "Raspberry Pi 5"

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-704=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-704=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (noarch)
  * raspberrypi-eeprom-firmware-2026.01.09-160000.1.1
  * raspberrypi-eeprom-2026.01.09-160000.1.1
* SUSE Linux Enterprise Server 16.0 (noarch)
  * raspberrypi-eeprom-firmware-2026.01.09-160000.1.1
  * raspberrypi-eeprom-2026.01.09-160000.1.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1230279

From null at suse.de Mon May 11 08:30:51 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:30:51 -0000
Subject: SUSE-SU-2026:21572-1: low: Security update for iproute2
Message-ID: <177848825129.2501.12804169009549564806@d7d34dcee2d8>

# Security update for iproute2

Announcement ID: SUSE-SU-2026:21572-1
Release Date: 2026-05-07T07:37:28Z
Rating: low
References:

* bsc#1241316
* bsc#1253044
* bsc#1254324
* jsc#PED-14787

Cross-References:

* CVE-2024-58251

CVSS scores:

* CVE-2024-58251 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-58251 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
* CVE-2024-58251 ( NVD ): 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves one vulnerability, contains one feature and has two fixes can now be installed.

## Description:

This update for iproute2 fixes the following issues:

Security issues fixed:

* CVE-2024-58251: terminal lock up via ANSI terminal escape sequence set in `argv[0]` (bsc#1254324).

Other updates and bugfixes:

* Fix package for immutable mode (jsc#PED-14787).
* Add netshaper support (bsc#1253044).
* Add follow-up fixes included by upstream after the 6.12 release (bsc#1241316):
  * Parse FQ band weights correctly
  * bond: fix stack smash in xstats
  * ip: support setting multiple features
  * tc: gred: fix debug print

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-715=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-715=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * iproute2-6.12-160000.3.1
  * iproute2-debugsource-6.12-160000.3.1
  * iproute2-debuginfo-6.12-160000.3.1
  * libnetlink-devel-6.12-160000.3.1
  * iproute2-arpd-6.12-160000.3.1
  * iproute2-bash-completion-6.12-160000.3.1
  * iproute2-arpd-debuginfo-6.12-160000.3.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * iproute2-6.12-160000.3.1
  * iproute2-debugsource-6.12-160000.3.1
  * iproute2-debuginfo-6.12-160000.3.1
  * libnetlink-devel-6.12-160000.3.1
  * iproute2-arpd-6.12-160000.3.1
  * iproute2-bash-completion-6.12-160000.3.1
  * iproute2-arpd-debuginfo-6.12-160000.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-58251.html
* https://bugzilla.suse.com/show_bug.cgi?id=1241316
* https://bugzilla.suse.com/show_bug.cgi?id=1253044
* https://bugzilla.suse.com/show_bug.cgi?id=1254324
* https://jira.suse.com/browse/PED-14787

From null at suse.de Mon May 11 08:32:03 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:32:03 -0000
Subject: SUSE-SU-2026:21560-1: important: Security update for distribution
Message-ID: <177848832326.2501.11446029806257527229@d7d34dcee2d8>

# Security update for distribution

Announcement ID: SUSE-SU-2026:21560-1
Release Date: 2026-05-06T00:34:11Z
Rating: important
References:

* bsc#1259718
* bsc#1260283
* bsc#1261793
* bsc#1262096
* bsc#1262951
* jsc#PED-14747

Cross-References:

* CVE-2026-33186
* CVE-2026-33540
* CVE-2026-34986
* CVE-2026-35172

CVSS scores:

* CVE-2026-33186 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-33186 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-33186 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-33540 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-33540 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-35172 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-35172 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves four vulnerabilities, contains one feature and has one fix can now be installed.

## Description:

This update for distribution fixes the following issues

Security issues:

* CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo-header (bsc#1260283).
* CVE-2026-33540: information disclosure via improper validation of authentication realm URL (bsc#1261793).
* CVE-2026-34986: github.com/go-jose/go-jose/v4: crafted JWE input with a missing encrypted key can lead to a denial of service (bsc#1262951).
* CVE-2026-35172: information disclosure via stale references after content deletion (bsc#1262096).

Non security issues:

* add distribution-registry.tmpfiles (jsc#PED-14747).
* distribution builds against go1.24 EOL (bsc#1259718).

Changes for distribution:

* update to 3.1.0
* Adds support for tag pagination
* Fixes default credentials in Azure storage provider
* Drops support for go1.23 and go1.24 and updates to go1.25
* See the full changelog below for the full list of changes.
* docs: Update to refer to new image tag v3
* Fix default_credentials in azure storage provider
* chore: make function comment match function name
* build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 in the go_modules group across 1 directory
* fix: implement JWK thumbprint for Ed25519 public keys
* fix: Annotate code block from validation.indexes configuration docs
* feat: extract redis config to separate struct
* Fix: resolve issue #4478 by using a temporary file for non-append writes
* build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2
* docs: Add note about `OTEL_TRACES_EXPORTER`
* fix: set OTEL traces to disabled by default
* Fix markdown syntax for OTEL traces link in docs
* Switch UUIDs to UUIDv7
* refactor: replace map iteration with maps.Copy/Clone
* s3-aws: fix build for 386
* docs: Add OpenTelemetry links to quickstart docs
* Fix S3 driver loglevel param
* Fixed data race in TestSchedule test
* Fixes #4683 - uses X/Y instead of Gx/Gy for thumbprint of ecdsa keys
* build(deps): bump actions/checkout from 4 to 5
* Fix broken link to Docker Hub fair use policy
* fix(registry/handlers/app): redis CAs
* build(deps): bump actions/labeler from 5 to 6
* build(deps): bump actions/setup-go from 5 to 6
* build(deps): bump actions/upload-pages-artifact from 3 to 4
* build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3
* build(deps): bump github/codeql-action from 3.26.5 to 4.30.7
* build(deps): bump github/codeql-action from 4.30.7 to 4.30.8
* chore: labeler: add area/client mapping for internal/client/**
* client: add Accept headers to Exists() HEAD
* feat(registry): Make graceful shutdown test robust
* fix(registry): Correct log formatting for upstream challenge
* build(deps): bump github/codeql-action from 4.30.8 to 4.30.9
* build(deps): bump github/codeql-action from 4.30.9 to 4.31.3
* refactor: remove redundant variable declarations in for loops
* "should" -> "must" regarding redis eviction policy
* build(deps): bump actions/checkout from 5 to 6
* Incorrect warning hint
* Add return error when list object
* build(deps): bump actions/checkout from 5.0.1 to 6.0.0
* build(deps): bump peter-evans/dockerhub-description from 4 to 5
* fix: Logging regression for manifest HEAD requests
* Add boolean parsing util
* Expose `useFIPSEndpoint` for S3
* Add Cloudfleet Container Registry to adopters
* fix(ci): Fix broken Azure e2e storage tests
* BUG: Fix notification filtering to work with actions when mediatypes is empty
* build(deps): bump actions/checkout from 6.0.0 to 6.0.1
* build(deps): bump actions/upload-artifact from 4.6.2 to 6.0.0
* build(deps): bump github/codeql-action from 4.31.3 to 4.31.10
* build(deps): bump github/codeql-action from 4.31.10 to 4.32.2
* build(deps): bump actions/checkout from 6.0.1 to 6.0.2
* update golangci-lint to v2.9 and fix linting issues
* update to go1.25.7, alpine 3.23, xx v1.9.0
* vendor: github.com/sirupsen/logrus v1.9.4
* vendor: update golang.org/x/* dependencies
* vendor: github.com/docker/docker-credential-helpers v0.9.5
* vendor: github.com/opencontainers/image-spec v1.1.1
* vendor: github.com/klauspost/compress v1.18.4
* fix: prefer otel variables over hard coded service name
* vendor: github.com/spf13/cobra v1.10.2
* vendor: github.com/bshuster-repo/logrus-logstash-hook v1.1.0
* fix: sync parent dir to ensure data is reliably stored
* modernize code
* vendor: github.com/docker/go-events 605354379745
* vendor: github.com/go-jose/go-jose/v4 v4.1.3
* build(deps): bump github/codeql-action from 4.32.2 to 4.32.5
* build(deps): bump docker/login-action from 3 to 4
* build(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0
* build(deps): bump docker/setup-buildx-action from 3 to 4
* build(deps): bump docker/bake-action from 6 to 7
* build(deps): bump docker/metadata-action from 5 to 6
* fix: nil-check scheduler in `proxyingRegistry.Close()`
* fix: set MD5 on GCS writer before first `Write` call in `putContent`
* docs: pull through cache will pull from remote multiple times
* Update s3.md regionendpoint option
* chore(deps): Bump Go to latest 1.25 in CI workflows and go.mod
* fix: correct Ed25519 JWK thumbprint `kty` from `"OTP"` to `"OKP"`
* Update vacuum.go
* Opt: refector tag list pagination support (stage 1)
* Correctly match environment variables to YAML-inlined structs in configuration
* Enable Redis TLS without client certificates
* build(deps): bump actions/deploy-pages from 4 to 5
* build(deps): bump github/codeql-action from 4.32.5 to 4.34.1
* fix(registry/proxy): use detached context when flushing write buffer
* ci: pin actions and apply zizmor auto-fixes
* build(deps): bump actions/setup-go from 6.3.0 to 6.4.0
* build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 in the go_modules group across 1 directory
* chore(app): warn when partial TLS config is used in Redis
* feat(registry): enhance authentication checks in htpasswd implementation
* Opt: refactor tag list pagination support
* build(deps): bump codecov/codecov-action from 5.5.4 to 6.0.0
* build(deps): bump actions/configure-pages from 5.0.0 to 6.0.0
* fix(vendor): fix broke vendor validation
* chore(ci): Prep for v3.1 release
* Update to version 3.1.0:
* fix(vendor): fix broke vendpor validation
* fix redis repo-scoped blob descriptor revocation
* proxy: bind bearer realms to upstream trust boundary
* restore directory ownership after last change
* Move config files in systemd tmpfiles dir for immutable mode

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-703=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-703=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * distribution-registry-3.1.0-160000.1.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * distribution-registry-3.1.0-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-33186.html
* https://www.suse.com/security/cve/CVE-2026-33540.html
* https://www.suse.com/security/cve/CVE-2026-34986.html
* https://www.suse.com/security/cve/CVE-2026-35172.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259718
* https://bugzilla.suse.com/show_bug.cgi?id=1260283
* https://bugzilla.suse.com/show_bug.cgi?id=1261793
* https://bugzilla.suse.com/show_bug.cgi?id=1262096
* https://bugzilla.suse.com/show_bug.cgi?id=1262951
* https://jira.suse.com/browse/PED-14747

From null at suse.de Mon May 11 08:30:55 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:30:55 -0000
Subject: SUSE-SU-2026:21571-1: moderate: Security update for libtpms
Message-ID: <177848825582.2501.7571212049346631831@d7d34dcee2d8>

# Security update for libtpms

Announcement ID: SUSE-SU-2026:21571-1
Release Date: 2026-05-06T18:16:54Z
Rating: moderate
References:

* bsc#1244528
* bsc#1260439

Cross-References:

* CVE-2025-49133
* CVE-2026-21444

CVSS scores:

* CVE-2025-49133 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
* CVE-2025-49133 ( NVD ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
* CVE-2025-49133 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-21444 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-21444 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-21444 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves two vulnerabilities can now be installed.

## Description:

This update for libtpms fixes the following issues:

* CVE-2025-49133: Fixed potential out of bounds (OOB) read vulnerability (bsc#1244528).
* CVE-2026-21444: Fixed remote data confidentiality compromise via incorrect Initialization Vector (IV) handling (bsc#1260439).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-714=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-714=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * libtpms0-0.10.0-160000.5.1
  * libtpms-debugsource-0.10.0-160000.5.1
  * libtpms0-debuginfo-0.10.0-160000.5.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * libtpms0-0.10.0-160000.5.1
  * libtpms-debugsource-0.10.0-160000.5.1
  * libtpms0-debuginfo-0.10.0-160000.5.1

## References:

* https://www.suse.com/security/cve/CVE-2025-49133.html
* https://www.suse.com/security/cve/CVE-2026-21444.html
* https://bugzilla.suse.com/show_bug.cgi?id=1244528
* https://bugzilla.suse.com/show_bug.cgi?id=1260439

From null at suse.de Mon May 11 08:31:05 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:31:05 -0000
Subject: SUSE-RU-2026:21570-1: critical: Recommended update for nvidia-open-driver-G06-signed
Message-ID: <177848826504.2501.2236077156553287874@d7d34dcee2d8>

# Recommended update for nvidia-open-driver-G06-signed

Announcement ID: SUSE-RU-2026:21570-1
Release Date: 2026-05-06T17:40:05Z
Rating: critical
References:

* bsc#1212841
* bsc#1259719
* bsc#1259740
* bsc#1262749

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that has four fixes can now be installed.

## Description:

This update for nvidia-open-driver-G06-signed fixes the following issues:

Changes in nvidia-open-driver-G06-signed:

* update CUDA variant to 580.159.03
* update non-CUDA variant to 580.159.03 (boo#1262749)
* get rid of confusing objtool warnings (boo#1212841)
* improved RPM description for -cuda and non-cuda variant
* add 'Provides: open-driver-non-cuda-variant = %version' for non-CUDA variant to be able to distinguish between both variants; to be used by nvidia-open-driver-G06-signed-kmp-meta for TW ... (boo#1259740)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-713=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-713=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64)
  * nvidia-open-driver-G06-signed-cuda-debugsource-580.159.03-160000.1.1
  * nvidia-open-driver-G06-signed-kmp-default-debuginfo-580.159.03_k6.12.0_160000.29-160000.1.1
  * nvidia-open-driver-G06-signed-default-devel-580.159.03-160000.1.1
  * nvidia-open-driver-G06-signed-cuda-default-devel-580.159.03-160000.1.1
  * nvidia-open-driver-G06-signed-kmp-default-580.159.03_k6.12.0_160000.29-160000.1.1
  * nvidia-open-driver-G06-signed-cuda-kmp-default-580.159.03_k6.12.0_160000.29-160000.1.1
  * nv-prefer-signed-open-driver-580.159.03-160000.1.1
  * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-580.159.03_k6.12.0_160000.29-160000.1.1
  * nvidia-open-driver-G06-signed-debugsource-580.159.03-160000.1.1
* SUSE Linux Enterprise Server 16.0 (aarch64)
  * nvidia-open-driver-G06-signed-kmp-64kb-580.159.03_k6.12.0_160000.29-160000.1.1
  * nvidia-open-driver-G06-signed-cuda-64kb-devel-580.159.03-160000.1.1
  * nvidia-open-driver-G06-signed-cuda-kmp-64kb-debuginfo-580.159.03_k6.12.0_160000.29-160000.1.1
  * nvidia-open-driver-G06-signed-cuda-kmp-64kb-580.159.03_k6.12.0_160000.29-160000.1.1
  * nvidia-open-driver-G06-signed-64kb-devel-580.159.03-160000.1.1
  * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-580.159.03_k6.12.0_160000.29-160000.1.1
* SUSE Linux Enterprise Server 16.0 (aarch64 x86_64)
  * nvidia-open-driver-G06-signed-cuda-debugsource-580.159.03-160000.1.1
  * nvidia-open-driver-G06-signed-kmp-default-debuginfo-580.159.03_k6.12.0_160000.29-160000.1.1
  * nvidia-open-driver-G06-signed-default-devel-580.159.03-160000.1.1
  * nvidia-open-driver-G06-signed-cuda-default-devel-580.159.03-160000.1.1
  * nvidia-open-driver-G06-signed-kmp-default-580.159.03_k6.12.0_160000.29-160000.1.1
  * nvidia-open-driver-G06-signed-cuda-kmp-default-580.159.03_k6.12.0_160000.29-160000.1.1
  * nv-prefer-signed-open-driver-580.159.03-160000.1.1
  * nvidia-open-driver-G06-signed-cuda-kmp-default-debuginfo-580.159.03_k6.12.0_160000.29-160000.1.1
  * nvidia-open-driver-G06-signed-debugsource-580.159.03-160000.1.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1212841
* https://bugzilla.suse.com/show_bug.cgi?id=1259719
* https://bugzilla.suse.com/show_bug.cgi?id=1259740
* https://bugzilla.suse.com/show_bug.cgi?id=1262749

From null at suse.de Mon May 11 08:31:12 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:31:12 -0000
Subject: SUSE-SU-2026:21568-1: moderate: Security update for python-pytest
Message-ID: <177848827227.2501.10758550240683352318@d7d34dcee2d8>

# Security update for python-pytest

Announcement ID: SUSE-SU-2026:21568-1
Release Date: 2026-05-06T13:47:19Z
Rating: moderate
References:

* bsc#1257090

Cross-References:

* CVE-2025-71176

CVSS scores:

* CVE-2025-71176 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L
* CVE-2025-71176 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
* CVE-2025-71176 ( NVD ): 6.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves one vulnerability can now be installed.

## Description:

This update for python-pytest fixes the following issue:

* CVE-2025-71176: a TOCTOU race condition can cause a denial of service or possibly gain privileges (bsc#1257090).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-711=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-711=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (noarch)
  * python313-pytest-8.3.5-160000.3.1
* SUSE Linux Enterprise Server 16.0 (noarch)
  * python313-pytest-8.3.5-160000.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-71176.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257090

From null at suse.de Mon May 11 08:31:15 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:31:15 -0000
Subject: SUSE-RU-2026:21567-1: moderate: Recommended update for protobuf
Message-ID: <177848827578.2501.2682325782647148219@d7d34dcee2d8>

# Recommended update for protobuf

Announcement ID: SUSE-RU-2026:21567-1
Release Date: 2026-05-06T13:24:47Z
Rating: moderate
References:

* bsc#1257662

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that has one fix can now be installed.

## Description:

This update for protobuf fixes the following issues:

* Fix import issues with google.protobuf namespace (bsc#1257662).
* Opt for individual %patch statements for varying strip levels.
* Configure _default_patch_fuzz to 2 for successful application of cherry-picked patches.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-709=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-709=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * libutf8_range-28_3_0-debuginfo-28.3-160000.4.1
  * libprotobuf28_3_0-28.3-160000.4.1
  * libprotoc28_3_0-28.3-160000.4.1
  * libprotobuf-lite28_3_0-28.3-160000.4.1
  * libprotobuf-lite28_3_0-debuginfo-28.3-160000.4.1
  * protobuf-devel-debuginfo-28.3-160000.4.1
  * python313-protobuf-debuginfo-5.28.3-160000.4.1
  * python313-protobuf-5.28.3-160000.4.1
  * protobuf-devel-28.3-160000.4.1
  * libprotoc28_3_0-debuginfo-28.3-160000.4.1
  * libprotobuf28_3_0-debuginfo-28.3-160000.4.1
  * libutf8_range-28_3_0-28.3-160000.4.1
  * python-protobuf-debugsource-5.28.3-160000.4.1
  * protobuf-debugsource-28.3-160000.4.1
* SUSE Linux Enterprise Server for SAP applications 16.0 (noarch)
  * protobuf-java-28.3-160000.4.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * libutf8_range-28_3_0-debuginfo-28.3-160000.4.1
  * libprotobuf28_3_0-28.3-160000.4.1
  * libprotoc28_3_0-28.3-160000.4.1
  * libprotobuf-lite28_3_0-28.3-160000.4.1
  * libprotobuf-lite28_3_0-debuginfo-28.3-160000.4.1
  * protobuf-devel-debuginfo-28.3-160000.4.1
  * python313-protobuf-debuginfo-5.28.3-160000.4.1
  * python313-protobuf-5.28.3-160000.4.1
  * protobuf-devel-28.3-160000.4.1
  * libprotoc28_3_0-debuginfo-28.3-160000.4.1
  * libprotobuf28_3_0-debuginfo-28.3-160000.4.1
  * libutf8_range-28_3_0-28.3-160000.4.1
  * python-protobuf-debugsource-5.28.3-160000.4.1
  * protobuf-debugsource-28.3-160000.4.1
* SUSE Linux Enterprise Server 16.0 (noarch)
  * protobuf-java-28.3-160000.4.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1257662

From null at suse.de Mon May 11 08:32:54 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:32:54 -0000
Subject: SUSE-SU-2026:21559-1: important: Security update for wireshark
Message-ID: <177848837455.2501.17739415841850277665@d7d34dcee2d8>

# Security update for wireshark

Announcement ID: SUSE-SU-2026:21559-1
Release Date: 2026-05-06T00:08:30Z
Rating: important
References:

* bsc#1258907
* bsc#1258909
* bsc#1263726
* bsc#1263728
* bsc#1263729
* bsc#1263731
* bsc#1263732
* bsc#1263733
* bsc#1263734
* bsc#1263735
* bsc#1263736
* bsc#1263737
* bsc#1263739
* bsc#1263741
* bsc#1263742
* bsc#1263743
* bsc#1263744
* bsc#1263745
* bsc#1263746
* bsc#1263747
* bsc#1263749
* bsc#1263750
* bsc#1263751
* bsc#1263752
* bsc#1263753
* bsc#1263754
* bsc#1263756
* bsc#1263757
* bsc#1263762
* bsc#1263765
* bsc#1263766
* bsc#1263767
* bsc#1263809

Cross-References:

* CVE-2026-3201
* CVE-2026-3203
* CVE-2026-5299
* CVE-2026-5401
* CVE-2026-5403
* CVE-2026-5404
* CVE-2026-5405
* CVE-2026-5406
* CVE-2026-5407
* CVE-2026-5408
* CVE-2026-5409
* CVE-2026-5653
* CVE-2026-5654
* CVE-2026-5656
* CVE-2026-5657
* CVE-2026-6519
* CVE-2026-6520
* CVE-2026-6521
* CVE-2026-6522
* CVE-2026-6523
* CVE-2026-6524
* CVE-2026-6527
* CVE-2026-6529
* CVE-2026-6530
* CVE-2026-6531
* CVE-2026-6532
* CVE-2026-6533
* CVE-2026-6534
* CVE-2026-6535
* CVE-2026-6537
* CVE-2026-6538
* CVE-2026-6868
* CVE-2026-6869

CVSS scores:

* CVE-2026-3201 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-3201 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2026-3201 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-3201 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-3203 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-3203 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2026-3203 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-3203 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5299 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5299 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5401 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5401 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5403 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5403 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-5404 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5404 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5404 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5405 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-5405 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-5406 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5406 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5407 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5407 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5408 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5408 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5409 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5409 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5653 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5653 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5653 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-5654 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5654 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5654 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-5656 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-5656 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-5656 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-5657 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5657 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5657 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-6519 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6519 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-6519 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6520 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6520 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6520 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-6521 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6521 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6522 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6522 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6523 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6523 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6524 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6524 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6527 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6527 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6529 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6529 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6530 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-6531 ( NVD ): 5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6532 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6533 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6533 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6534 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6534 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6535 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6535 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6537 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6537 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6538 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6538 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6868 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6868 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-6869 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2026-6869 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves 33 vulnerabilities can now be installed. ## Description: This update for wireshark fixes the following issues: * CVE-2026-3201: missing limit checks in USB HID protocol dissector's `parse_report_descriptor` function can lead to memory exhaustion (bsc#1258907). * CVE-2026-3203: missing length checks in the RF4CE Profile protocol dissector can lead to illegal memory access and crash (bsc#1258909). * CVE-2026-5299: ICMPv6 dissector crash (bsc#1263757). * CVE-2026-5401: AFP dissector crash (bsc#1263756).
* CVE-2026-5403: SBC audio codec crash (bsc#1263765). * CVE-2026-5404: K12 RF5 file parser crash (bsc#1263766). * CVE-2026-5405: RDP dissector crash (bsc#1263767). * CVE-2026-5406: FC-SWILS dissector crash (bsc#1263754). * CVE-2026-5407: SMB2 dissector infinite loop (bsc#1263753). * CVE-2026-5408: BT-DHT dissector crash (bsc#1263752). * CVE-2026-5409: Monero dissector crash (bsc#1263751). * CVE-2026-5653: DCP-ETSI dissector crash (bsc#1263750). * CVE-2026-5654: AMR-NB audio codec crash (bsc#1263749). * CVE-2026-5656: Profile import crash and possible code execution (bsc#1263809). * CVE-2026-5657: iLBC audio codec crash (bsc#1263747). * CVE-2026-6519: MBIM protocol dissector infinite loop (bsc#1263746). * CVE-2026-6520: OpenFlow v6 protocol dissector infinite loop (bsc#1263745). * CVE-2026-6521: OpenFlow v5 protocol dissector infinite loops (bsc#1263744). * CVE-2026-6522: RPKI-Router protocol dissector infinite loop (bsc#1263743). * CVE-2026-6523: GNW protocol dissector infinite loop (bsc#1263742). * CVE-2026-6524: MySQL protocol dissector crash (bsc#1263741). * CVE-2026-6527: ASN.1 PER dissector crash (bsc#1263739). * CVE-2026-6529: iLBC audio codec crash (bsc#1263737). * CVE-2026-6530: DCP-ETSI protocol dissector crash (bsc#1263736). * CVE-2026-6531: SANE protocol dissector infinite loop (bsc#1263735). * CVE-2026-6532: Kismet protocol dissector crash (bsc#1263734). * CVE-2026-6533: Dissection engine LZ77 decompression crash (bsc#1263733). * CVE-2026-6534: USB HID dissector infinite loop (bsc#1263732). * CVE-2026-6535: Dissection engine zlib decompression crash (bsc#1263731). * CVE-2026-6537: ZigBee dissector crash (bsc#1263729). * CVE-2026-6538: BEEP dissector crash (bsc#1263728). * CVE-2026-6868: HTTP protocol dissector crash (bsc#1263762). * CVE-2026-6869: WebSocket protocol dissector crash (bsc#1263726). 
Changes for wireshark: * Updated to 4.4.15 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-702=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-702=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * libwsutil16-debuginfo-4.4.15-160000.1.1 * wireshark-debuginfo-4.4.15-160000.1.1 * libwiretap15-debuginfo-4.4.15-160000.1.1 * wireshark-debugsource-4.4.15-160000.1.1 * wireshark-ui-qt-4.4.15-160000.1.1 * libwireshark18-debuginfo-4.4.15-160000.1.1 * libwsutil16-4.4.15-160000.1.1 * libwireshark18-4.4.15-160000.1.1 * wireshark-ui-qt-debuginfo-4.4.15-160000.1.1 * wireshark-devel-4.4.15-160000.1.1 * libwiretap15-4.4.15-160000.1.1 * wireshark-4.4.15-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libwsutil16-debuginfo-4.4.15-160000.1.1 * wireshark-debuginfo-4.4.15-160000.1.1 * libwiretap15-debuginfo-4.4.15-160000.1.1 * wireshark-debugsource-4.4.15-160000.1.1 * wireshark-ui-qt-4.4.15-160000.1.1 * libwireshark18-debuginfo-4.4.15-160000.1.1 * libwsutil16-4.4.15-160000.1.1 * libwireshark18-4.4.15-160000.1.1 * wireshark-ui-qt-debuginfo-4.4.15-160000.1.1 * wireshark-devel-4.4.15-160000.1.1 * libwiretap15-4.4.15-160000.1.1 * wireshark-4.4.15-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3201.html * https://www.suse.com/security/cve/CVE-2026-3203.html * https://www.suse.com/security/cve/CVE-2026-5299.html * https://www.suse.com/security/cve/CVE-2026-5401.html * https://www.suse.com/security/cve/CVE-2026-5403.html * https://www.suse.com/security/cve/CVE-2026-5404.html * https://www.suse.com/security/cve/CVE-2026-5405.html * https://www.suse.com/security/cve/CVE-2026-5406.html * 
https://www.suse.com/security/cve/CVE-2026-5407.html * https://www.suse.com/security/cve/CVE-2026-5408.html * https://www.suse.com/security/cve/CVE-2026-5409.html * https://www.suse.com/security/cve/CVE-2026-5653.html * https://www.suse.com/security/cve/CVE-2026-5654.html * https://www.suse.com/security/cve/CVE-2026-5656.html * https://www.suse.com/security/cve/CVE-2026-5657.html * https://www.suse.com/security/cve/CVE-2026-6519.html * https://www.suse.com/security/cve/CVE-2026-6520.html * https://www.suse.com/security/cve/CVE-2026-6521.html * https://www.suse.com/security/cve/CVE-2026-6522.html * https://www.suse.com/security/cve/CVE-2026-6523.html * https://www.suse.com/security/cve/CVE-2026-6524.html * https://www.suse.com/security/cve/CVE-2026-6527.html * https://www.suse.com/security/cve/CVE-2026-6529.html * https://www.suse.com/security/cve/CVE-2026-6530.html * https://www.suse.com/security/cve/CVE-2026-6531.html * https://www.suse.com/security/cve/CVE-2026-6532.html * https://www.suse.com/security/cve/CVE-2026-6533.html * https://www.suse.com/security/cve/CVE-2026-6534.html * https://www.suse.com/security/cve/CVE-2026-6535.html * https://www.suse.com/security/cve/CVE-2026-6537.html * https://www.suse.com/security/cve/CVE-2026-6538.html * https://www.suse.com/security/cve/CVE-2026-6868.html * https://www.suse.com/security/cve/CVE-2026-6869.html * https://bugzilla.suse.com/show_bug.cgi?id=1258907 * https://bugzilla.suse.com/show_bug.cgi?id=1258909 * https://bugzilla.suse.com/show_bug.cgi?id=1263726 * https://bugzilla.suse.com/show_bug.cgi?id=1263728 * https://bugzilla.suse.com/show_bug.cgi?id=1263729 * https://bugzilla.suse.com/show_bug.cgi?id=1263731 * https://bugzilla.suse.com/show_bug.cgi?id=1263732 * https://bugzilla.suse.com/show_bug.cgi?id=1263733 * https://bugzilla.suse.com/show_bug.cgi?id=1263734 * https://bugzilla.suse.com/show_bug.cgi?id=1263735 * https://bugzilla.suse.com/show_bug.cgi?id=1263736 * https://bugzilla.suse.com/show_bug.cgi?id=1263737 * 
https://bugzilla.suse.com/show_bug.cgi?id=1263739 * https://bugzilla.suse.com/show_bug.cgi?id=1263741 * https://bugzilla.suse.com/show_bug.cgi?id=1263742 * https://bugzilla.suse.com/show_bug.cgi?id=1263743 * https://bugzilla.suse.com/show_bug.cgi?id=1263744 * https://bugzilla.suse.com/show_bug.cgi?id=1263745 * https://bugzilla.suse.com/show_bug.cgi?id=1263746 * https://bugzilla.suse.com/show_bug.cgi?id=1263747 * https://bugzilla.suse.com/show_bug.cgi?id=1263749 * https://bugzilla.suse.com/show_bug.cgi?id=1263750 * https://bugzilla.suse.com/show_bug.cgi?id=1263751 * https://bugzilla.suse.com/show_bug.cgi?id=1263752 * https://bugzilla.suse.com/show_bug.cgi?id=1263753 * https://bugzilla.suse.com/show_bug.cgi?id=1263754 * https://bugzilla.suse.com/show_bug.cgi?id=1263756 * https://bugzilla.suse.com/show_bug.cgi?id=1263757 * https://bugzilla.suse.com/show_bug.cgi?id=1263762 * https://bugzilla.suse.com/show_bug.cgi?id=1263765 * https://bugzilla.suse.com/show_bug.cgi?id=1263766 * https://bugzilla.suse.com/show_bug.cgi?id=1263767 * https://bugzilla.suse.com/show_bug.cgi?id=1263809
From null at suse.de Mon May 11 08:31:16 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:31:16 -0000 Subject: SUSE-RU-2026:21566-1: moderate: Recommended update for python-hatchling Message-ID: <177848827685.2501.877353304609893511@d7d34dcee2d8> # Recommended update for python-hatchling Announcement ID: SUSE-RU-2026:21566-1 Release Date: 2026-05-06T12:54:52Z Rating: moderate References: Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that can now be installed.
## Description: This update for python-hatchling fixes the following issues: Changes in python-hatchling: * Convert to libalternatives on SLE-16-based and newer systems only ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-710=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-710=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * python313-hatchling-1.27.0-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * python313-hatchling-1.27.0-160000.3.1
From null at suse.de Mon May 11 08:33:03 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:33:03 -0000 Subject: SUSE-SU-2026:21558-1: important: Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 16) Message-ID: <177848838321.2501.8355872636494620118@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21558-1 Release Date: 2026-05-05T22:36:52Z Rating: important References: * bsc#1259126 * bsc#1261630 * bsc#1261845 * bsc#1263689 Cross-References: * CVE-2026-23204 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-31431 CVSS scores: * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 (
NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves four vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.27.1 fixes various security issues. The following security issues were fixed: * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-699=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-699=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-6_12_0-160000_27-default-debuginfo-3-160000.1.1 * kernel-livepatch-6_12_0-160000_27-default-3-160000.1.1 * kernel-livepatch-SLE16_Update_6-debugsource-3-160000.1.1 * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_27-default-debuginfo-3-160000.1.1 * kernel-livepatch-6_12_0-160000_27-default-3-160000.1.1 * kernel-livepatch-SLE16_Update_6-debugsource-3-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Mon May 11 08:31:20 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:31:20 -0000 Subject: SUSE-RU-2026:21565-1: moderate: Recommended update for libselinux Message-ID: <177848828015.2501.10496023649955081488@d7d34dcee2d8> # Recommended update for libselinux Announcement ID: SUSE-RU-2026:21565-1 Release Date: 2026-05-06T11:14:53Z Rating: moderate References: * bsc#1261639 Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that has one fix can now be installed.
## Description: This update for libselinux fixes the following issues: * Backport commit "libselinux: retain LIFO order for path substitutions" (bsc#1261639) * otherwise we can not add equivalencies that overload each other in the policy * libselinux: retain LIFO order for path substitutions ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-708=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-708=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * selinux-tools-3.8.1-160000.3.1 * python313-selinux-3.8.1-160000.3.1 * libselinux-devel-static-3.8.1-160000.3.1 * libselinux-debugsource-3.8.1-160000.3.1 * libselinux-devel-3.8.1-160000.3.1 * libselinux1-3.8.1-160000.3.1 * libselinux-bindings-debugsource-3.8.1-160000.3.1 * selinux-tools-debuginfo-3.8.1-160000.3.1 * ruby-selinux-3.8.1-160000.3.1 * ruby-selinux-debuginfo-3.8.1-160000.3.1 * libselinux1-debuginfo-3.8.1-160000.3.1 * python313-selinux-debuginfo-3.8.1-160000.3.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * selinux-tools-3.8.1-160000.3.1 * python313-selinux-3.8.1-160000.3.1 * libselinux-devel-static-3.8.1-160000.3.1 * libselinux-debugsource-3.8.1-160000.3.1 * libselinux-devel-3.8.1-160000.3.1 * libselinux1-3.8.1-160000.3.1 * libselinux-bindings-debugsource-3.8.1-160000.3.1 * selinux-tools-debuginfo-3.8.1-160000.3.1 * ruby-selinux-3.8.1-160000.3.1 * ruby-selinux-debuginfo-3.8.1-160000.3.1 * libselinux1-debuginfo-3.8.1-160000.3.1 * python313-selinux-debuginfo-3.8.1-160000.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1261639
From null at suse.de Mon May 11 08:31:37 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:31:37 -0000 Subject: SUSE-SU-2026:21563-1: important: Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) Message-ID: <177848829769.2501.12999139460677989566@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21563-1 Release Date: 2026-05-06T09:35:23Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1261630 * bsc#1261845 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves seven vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues. The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-706=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-706=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1 * kernel-livepatch-6_12_0-160000_7-default-debuginfo-7-160000.1.1 * kernel-livepatch-SLE16_Update_2-debugsource-7-160000.1.1 * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1 * kernel-livepatch-6_12_0-160000_7-default-debuginfo-7-160000.1.1 * kernel-livepatch-SLE16_Update_2-debugsource-7-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Mon May 11 08:33:20 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:33:20 -0000 Subject: SUSE-SU-2026:21556-1: important: Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16) Message-ID: <177848840002.2501.5093387901069559339@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21556-1 Release Date: 2026-05-05T20:01:32Z Rating: important References: * bsc#1261630 * bsc#1261845 * bsc#1263689 Cross-References: * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-31431 CVSS scores: * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes various security issues. The following security issues were fixed: * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-693=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-693=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-SLE16_Update_7-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_28-default-debuginfo-2-160000.1.1 * kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1 * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_7-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_28-default-debuginfo-2-160000.1.1 * kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1263689
From null at suse.de Mon May 11 08:33:13 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:33:13 -0000 Subject: SUSE-SU-2026:21557-1: important: Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16) Message-ID: <177848839374.2501.388253260969185661@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21557-1 Release Date: 2026-05-05T20:04:45Z Rating: important References: * bsc#1258655 * bsc#1259126 * bsc#1261630 * bsc#1261845 * bsc#1263689 Cross-References: * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-31431 CVSS scores: * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues. The following security issues were fixed: * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-694=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-694=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * kernel-livepatch-6_12_0-160000_26-default-4-160000.1.1 * kernel-livepatch-6_12_0-160000_26-default-debuginfo-4-160000.1.1 * kernel-livepatch-SLE16_Update_5-debugsource-4-160000.1.1 * SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_26-default-4-160000.1.1 * kernel-livepatch-6_12_0-160000_26-default-debuginfo-4-160000.1.1 * kernel-livepatch-SLE16_Update_5-debugsource-4-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html *
https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 11 08:33:32 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:33:32 -0000 Subject: SUSE-SU-2026:21555-1: important: Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) Message-ID: <177848841280.2501.13158848124360805937@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21555-1 Release Date: 2026-05-05T19:50:41Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1261630 * bsc#1261845 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves seven vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-692=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-692=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * kernel-livepatch-SLE16_Update_0-debugsource-11-160000.4.3
  * kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3
  * kernel-livepatch-6_12_0-160000_5-default-debuginfo-11-160000.4.3
* SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE16_Update_0-debugsource-11-160000.4.3
  * kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3
  * kernel-livepatch-6_12_0-160000_5-default-debuginfo-11-160000.4.3

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-23437.html
* https://www.suse.com/security/cve/CVE-2026-31406.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1261630
* https://bugzilla.suse.com/show_bug.cgi?id=1261845
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:33:45 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:33:45 -0000
Subject: SUSE-SU-2026:21554-1: important: Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16)
Message-ID: <177848842576.2501.6542949514175605742@d7d34dcee2d8>

# Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16)

Announcement ID: SUSE-SU-2026:21554-1
Release Date: 2026-05-05T19:49:32Z
Rating: important

References:

* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1261630
* bsc#1261845
* bsc#1263689

Cross-References:

* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-23437
* CVE-2026-31406
* CVE-2026-31431

CVSS scores:

* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
* CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-691=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-691=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * kernel-livepatch-6_12_0-160000_9-default-debuginfo-5-160000.1.1
  * kernel-livepatch-SLE16_Update_4-debugsource-5-160000.1.1
  * kernel-livepatch-6_12_0-160000_9-default-5-160000.1.1
* SUSE Linux Enterprise Server 16.0 (ppc64le s390x x86_64)
  * kernel-livepatch-6_12_0-160000_9-default-debuginfo-5-160000.1.1
  * kernel-livepatch-SLE16_Update_4-debugsource-5-160000.1.1
  * kernel-livepatch-6_12_0-160000_9-default-5-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-23437.html
* https://www.suse.com/security/cve/CVE-2026-31406.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1261630
* https://bugzilla.suse.com/show_bug.cgi?id=1261845
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:33:49 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:33:49 -0000
Subject: SUSE-SU-2026:21553-1: moderate: Security update for opencc
Message-ID: <177848842908.2501.18442958982516814461@d7d34dcee2d8>

# Security update for opencc

Announcement ID: SUSE-SU-2026:21553-1
Release Date: 2026-05-05T15:14:33Z
Rating: moderate

References:

* bsc#1256930

Cross-References:

* CVE-2025-15536

CVSS scores:

* CVE-2025-15536 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-15536 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2025-15536 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-15536 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2025-15536 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves one vulnerability can now be installed.

## Description:

This update for opencc fixes the following issues:

Update to version 1.2.0.

Security issues fixed:

* CVE-2025-15536: specifically crafted string can lead to out-of-bounds read (bsc#1256930).

Other updates and bugfixes:

* Version 1.2.0:
  * Fix the crash issue when reading configuration files.
  * Add type definitions (Typing).
  * Fix two out-of-bounds reading issues when handling truncated UTF-8 input.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-686=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-686=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * libopencc1_2-1.2.0-160000.1.1
  * libopencc1_2-debuginfo-1.2.0-160000.1.1
  * opencc-data-1.2.0-160000.1.1
  * opencc-debuginfo-1.2.0-160000.1.1
  * opencc-debugsource-1.2.0-160000.1.1
  * opencc-devel-1.2.0-160000.1.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * libopencc1_2-1.2.0-160000.1.1
  * libopencc1_2-debuginfo-1.2.0-160000.1.1
  * opencc-data-1.2.0-160000.1.1
  * opencc-debuginfo-1.2.0-160000.1.1
  * opencc-debugsource-1.2.0-160000.1.1
  * opencc-devel-1.2.0-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-15536.html
* https://bugzilla.suse.com/show_bug.cgi?id=1256930

From null at suse.de Mon May 11 08:34:01 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:34:01 -0000
Subject: SUSE-SU-2026:21552-1: important: Security update for java-17-openjdk
Message-ID: <177848844188.2501.4720241457562947750@d7d34dcee2d8>

# Security update for java-17-openjdk

Announcement ID: SUSE-SU-2026:21552-1
Release Date: 2026-05-05T15:12:06Z
Rating: important

References:

* bsc#1259118
* bsc#1262490
* bsc#1262494
* bsc#1262495
* bsc#1262496
* bsc#1262497
* bsc#1262500
* bsc#1262501
* jsc#PED-15898

Cross-References:

* CVE-2026-22007
* CVE-2026-22013
* CVE-2026-22016
* CVE-2026-22018
* CVE-2026-22021
* CVE-2026-23865
* CVE-2026-34268
* CVE-2026-34282

CVSS scores:

* CVE-2026-22007 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22007 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22007 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22013 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22013 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22013 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22018 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22018 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22018 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22021 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-23865 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-23865 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-23865 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-34268 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34268 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34268 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34282 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34282 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34282 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves eight vulnerabilities and contains one feature can now be installed.

## Description:

This update for java-17-openjdk fixes the following issues:

Upgrade to upstream tag jdk-17.0.19+10 (April 2026 CPU).

Security issues fixed:

* CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of accessible data (bsc#1262490).
* CVE-2026-22013: JGSS: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262494).
* CVE-2026-22016: JAXP: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262495).
* CVE-2026-22018: Libraries: unauthenticated attacker with network access via multiple protocols can cause a partial denial of service (bsc#1262496).
* CVE-2026-22021: JSSE: unauthenticated attacker with network access via HTTPS can cause a partial denial of service (bsc#1262497).
* CVE-2026-23865: freetype2: integer overflow in the `tt_var_load_item_variation_store` function allows for an out-of-bounds read when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts (bsc#1259118).
* CVE-2026-34268: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of data (bsc#1262500).
* CVE-2026-34282: Networking: unauthenticated attacker with network access via multiple protocols can cause a hang or frequently repeatable crash (bsc#1262501).

Other updates and bugfixes:

* Provide the timezone-java and tzdata-java (jsc#PED-15898).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-683=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-683=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * java-17-openjdk-jmods-17.0.19.0-160000.1.1
  * java-17-openjdk-src-17.0.19.0-160000.1.1
  * java-17-openjdk-demo-17.0.19.0-160000.1.1
  * java-17-openjdk-devel-debuginfo-17.0.19.0-160000.1.1
  * java-17-openjdk-17.0.19.0-160000.1.1
  * java-17-openjdk-headless-17.0.19.0-160000.1.1
  * java-17-openjdk-debuginfo-17.0.19.0-160000.1.1
  * java-17-openjdk-devel-17.0.19.0-160000.1.1
  * java-17-openjdk-headless-debuginfo-17.0.19.0-160000.1.1
* SUSE Linux Enterprise Server for SAP applications 16.0 (noarch)
  * java-17-openjdk-javadoc-17.0.19.0-160000.1.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * java-17-openjdk-jmods-17.0.19.0-160000.1.1
  * java-17-openjdk-src-17.0.19.0-160000.1.1
  * java-17-openjdk-demo-17.0.19.0-160000.1.1
  * java-17-openjdk-devel-debuginfo-17.0.19.0-160000.1.1
  * java-17-openjdk-17.0.19.0-160000.1.1
  * java-17-openjdk-headless-17.0.19.0-160000.1.1
  * java-17-openjdk-debuginfo-17.0.19.0-160000.1.1
  * java-17-openjdk-devel-17.0.19.0-160000.1.1
  * java-17-openjdk-headless-debuginfo-17.0.19.0-160000.1.1
* SUSE Linux Enterprise Server 16.0 (noarch)
  * java-17-openjdk-javadoc-17.0.19.0-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22007.html
* https://www.suse.com/security/cve/CVE-2026-22013.html
* https://www.suse.com/security/cve/CVE-2026-22016.html
* https://www.suse.com/security/cve/CVE-2026-22018.html
* https://www.suse.com/security/cve/CVE-2026-22021.html
* https://www.suse.com/security/cve/CVE-2026-23865.html
* https://www.suse.com/security/cve/CVE-2026-34268.html
* https://www.suse.com/security/cve/CVE-2026-34282.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259118
* https://bugzilla.suse.com/show_bug.cgi?id=1262490
* https://bugzilla.suse.com/show_bug.cgi?id=1262494
* https://bugzilla.suse.com/show_bug.cgi?id=1262495
* https://bugzilla.suse.com/show_bug.cgi?id=1262496
* https://bugzilla.suse.com/show_bug.cgi?id=1262497
* https://bugzilla.suse.com/show_bug.cgi?id=1262500
* https://bugzilla.suse.com/show_bug.cgi?id=1262501
* https://jira.suse.com/browse/PED-15898

From null at suse.de Mon May 11 08:34:16 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:34:16 -0000
Subject: SUSE-SU-2026:21551-1: important: Security update for java-21-openjdk
Message-ID: <177848845627.2501.5201825435563253088@d7d34dcee2d8>

# Security update for java-21-openjdk

Announcement ID: SUSE-SU-2026:21551-1
Release Date: 2026-05-05T15:10:02Z
Rating: important

References:

* bsc#1259118
* bsc#1262490
* bsc#1262494
* bsc#1262495
* bsc#1262496
* bsc#1262497
* bsc#1262500
* bsc#1262501
* jsc#PED-15898

Cross-References:

* CVE-2026-22007
* CVE-2026-22013
* CVE-2026-22016
* CVE-2026-22018
* CVE-2026-22021
* CVE-2026-23865
* CVE-2026-34268
* CVE-2026-34282

CVSS scores:

* CVE-2026-22007 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22007 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22007 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-22013 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22013 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22013 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22018 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22018 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22018 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22021 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-23865 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-23865 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-23865 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-34268 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34268 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34268 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34282 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34282 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34282 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves eight vulnerabilities and contains one feature can now be installed.

## Description:

This update for java-21-openjdk fixes the following issues:

Update to upstream tag jdk-21.0.11+10 (April 2026 CPU).

Security issues fixed:

* CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of accessible data (bsc#1262490).
* CVE-2026-22013: JGSS: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262494).
* CVE-2026-22016: JAXP: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262495).
* CVE-2026-22018: Libraries: unauthenticated attacker with network access via multiple protocols can cause a partial denial of service (bsc#1262496).
* CVE-2026-22021: JSSE: unauthenticated attacker with network access via HTTPS can cause a partial denial of service (bsc#1262497).
* CVE-2026-23865: freetype2: integer overflow in the `tt_var_load_item_variation_store` function allows for an out-of-bounds read when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts (bsc#1259118).
* CVE-2026-34268: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of data (bsc#1262500).
* CVE-2026-34282: Networking: unauthenticated attacker with network access via multiple protocols can cause a hang or frequently repeatable crash (bsc#1262501).

Other updates and bugfixes:

* Provide the timezone-java and tzdata-java (jsc#PED-15898).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-684=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-684=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * java-21-openjdk-debuginfo-21.0.11.0-160000.1.1
  * java-21-openjdk-21.0.11.0-160000.1.1
  * java-21-openjdk-src-21.0.11.0-160000.1.1
  * java-21-openjdk-jmods-21.0.11.0-160000.1.1
  * java-21-openjdk-headless-21.0.11.0-160000.1.1
  * java-21-openjdk-headless-debuginfo-21.0.11.0-160000.1.1
  * java-21-openjdk-devel-21.0.11.0-160000.1.1
  * java-21-openjdk-devel-debuginfo-21.0.11.0-160000.1.1
  * java-21-openjdk-demo-21.0.11.0-160000.1.1
* SUSE Linux Enterprise Server for SAP applications 16.0 (noarch)
  * java-21-openjdk-javadoc-21.0.11.0-160000.1.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * java-21-openjdk-debuginfo-21.0.11.0-160000.1.1
  * java-21-openjdk-21.0.11.0-160000.1.1
  * java-21-openjdk-src-21.0.11.0-160000.1.1
  * java-21-openjdk-jmods-21.0.11.0-160000.1.1
  * java-21-openjdk-headless-21.0.11.0-160000.1.1
  * java-21-openjdk-headless-debuginfo-21.0.11.0-160000.1.1
  * java-21-openjdk-devel-21.0.11.0-160000.1.1
  * java-21-openjdk-devel-debuginfo-21.0.11.0-160000.1.1
  * java-21-openjdk-demo-21.0.11.0-160000.1.1
* SUSE Linux Enterprise Server 16.0 (noarch)
  * java-21-openjdk-javadoc-21.0.11.0-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22007.html
* https://www.suse.com/security/cve/CVE-2026-22013.html
* https://www.suse.com/security/cve/CVE-2026-22016.html
* https://www.suse.com/security/cve/CVE-2026-22018.html
* https://www.suse.com/security/cve/CVE-2026-22021.html
* https://www.suse.com/security/cve/CVE-2026-23865.html
* https://www.suse.com/security/cve/CVE-2026-34268.html
* https://www.suse.com/security/cve/CVE-2026-34282.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259118
* https://bugzilla.suse.com/show_bug.cgi?id=1262490
* https://bugzilla.suse.com/show_bug.cgi?id=1262494
* https://bugzilla.suse.com/show_bug.cgi?id=1262495
* https://bugzilla.suse.com/show_bug.cgi?id=1262496
* https://bugzilla.suse.com/show_bug.cgi?id=1262497
* https://bugzilla.suse.com/show_bug.cgi?id=1262500
* https://bugzilla.suse.com/show_bug.cgi?id=1262501
* https://jira.suse.com/browse/PED-15898

From null at suse.de Mon May 11 08:34:33 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:34:33 -0000
Subject: SUSE-SU-2026:21550-1: moderate: Security update for frr
Message-ID: <177848847394.2501.9331057513447700072@d7d34dcee2d8>

# Security update for frr

Announcement ID: SUSE-SU-2026:21550-1
Release Date: 2026-05-05T14:30:54Z
Rating: moderate

References:

* bsc#1252761
* bsc#1252810
* bsc#1252811
* bsc#1252812
* bsc#1252813
* bsc#1252829
* bsc#1252833
* bsc#1252835
* bsc#1252838
* bsc#1261013
* jsc#PED-14796
* jsc#PED-266

Cross-References:

* CVE-2025-61099
* CVE-2025-61100
* CVE-2025-61101
* CVE-2025-61102
* CVE-2025-61103
* CVE-2025-61104
* CVE-2025-61105
* CVE-2025-61106
* CVE-2025-61107
* CVE-2026-5107

CVSS scores:

* CVE-2025-61099 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-61099 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61099 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61100 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-61100 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61100 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61101 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-61101 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61101 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61102 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-61102 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61102 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61103 ( SUSE ): 6.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-61103 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61103 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61104 ( SUSE ): 6.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-61104 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61104 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61105 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-61105 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61105 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61106 ( SUSE ): 6.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-61106 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61106 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61107 ( SUSE ): 6.0 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-61107 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-61107 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-5107 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-5107 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2026-5107 ( NVD ): 2.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-5107 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2026-5107 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves 10 vulnerabilities and contains two features can now be installed.

## Description:

This update for frr fixes the following issues:

Security issues:

* CVE-2025-61099: NULL Pointer Dereference in FRRouting (bsc#1252838).
* CVE-2025-61100: NULL Pointer Dereference in FRRouting (bsc#1252829).
* CVE-2025-61101: NULL Pointer Dereference in FRRouting (bsc#1252833).
* CVE-2025-61102: NULL Pointer Dereference in FRRouting (bsc#1252835).
* CVE-2025-61103: NULL pointer dereference in show_vty_ext_link_lan_adj_sid() in ospf_ext.c (bsc#1252810).
* CVE-2025-61104: NULL pointer dereference in show_vty_unknown_tlv() in ospf_ext.c (bsc#1252811).
* CVE-2025-61105: FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_link_info function at ospf_ext.c (bsc#1252761).
* CVE-2025-61106: NULL pointer dereference in show_vty_ext_pref_pref_sid() in ospf_ext.c (bsc#1252812).
* CVE-2025-61107: NULL pointer dereference in show_vty_ext_pref_pref_sid() in ospf_ext.c (bsc#1252813).
* CVE-2026-5107: A vulnerability has been found in FRRouting FRR up to 10.5.1. This affects the function process_type2_route of the file bgpd/bgp_evpn.c of the component EVPN Type-2 Route Handler. The manipulation leads to improper a (bsc#1261013).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-685=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-685=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * libfrrzmq0-10.2.1-160000.3.1 * libfrrsnmp0-debuginfo-10.2.1-160000.3.1 * frr-10.2.1-160000.3.1 * frr-debugsource-10.2.1-160000.3.1 * frr-devel-10.2.1-160000.3.1 * libfrr_pb0-debuginfo-10.2.1-160000.3.1 * libfrrsnmp0-10.2.1-160000.3.1 * libmgmt_be_nb0-debuginfo-10.2.1-160000.3.1 * libfrr0-10.2.1-160000.3.1 * libfrr0-debuginfo-10.2.1-160000.3.1 * libfrr_pb0-10.2.1-160000.3.1 * libfrrfpm_pb0-debuginfo-10.2.1-160000.3.1 * libfrrfpm_pb0-10.2.1-160000.3.1 * libfrrospfapiclient0-10.2.1-160000.3.1 * frr-debuginfo-10.2.1-160000.3.1 * libfrrospfapiclient0-debuginfo-10.2.1-160000.3.1 * libfrrzmq0-debuginfo-10.2.1-160000.3.1 * libmgmt_be_nb0-10.2.1-160000.3.1 * libfrrcares0-10.2.1-160000.3.1 * libfrrcares0-debuginfo-10.2.1-160000.3.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libfrrzmq0-10.2.1-160000.3.1 * libfrrsnmp0-debuginfo-10.2.1-160000.3.1 * frr-10.2.1-160000.3.1 * frr-debugsource-10.2.1-160000.3.1 * frr-devel-10.2.1-160000.3.1 * libfrr_pb0-debuginfo-10.2.1-160000.3.1 * libfrrsnmp0-10.2.1-160000.3.1 * libmgmt_be_nb0-debuginfo-10.2.1-160000.3.1 * libfrr0-10.2.1-160000.3.1 * libfrr0-debuginfo-10.2.1-160000.3.1 * libfrr_pb0-10.2.1-160000.3.1 * libfrrfpm_pb0-debuginfo-10.2.1-160000.3.1 * libfrrfpm_pb0-10.2.1-160000.3.1 * libfrrospfapiclient0-10.2.1-160000.3.1 * frr-debuginfo-10.2.1-160000.3.1 * libfrrospfapiclient0-debuginfo-10.2.1-160000.3.1 * libfrrzmq0-debuginfo-10.2.1-160000.3.1 * libmgmt_be_nb0-10.2.1-160000.3.1 * libfrrcares0-10.2.1-160000.3.1 * libfrrcares0-debuginfo-10.2.1-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-61099.html * https://www.suse.com/security/cve/CVE-2025-61100.html * 
https://www.suse.com/security/cve/CVE-2025-61101.html * https://www.suse.com/security/cve/CVE-2025-61102.html * https://www.suse.com/security/cve/CVE-2025-61103.html * https://www.suse.com/security/cve/CVE-2025-61104.html * https://www.suse.com/security/cve/CVE-2025-61105.html * https://www.suse.com/security/cve/CVE-2025-61106.html * https://www.suse.com/security/cve/CVE-2025-61107.html * https://www.suse.com/security/cve/CVE-2026-5107.html * https://bugzilla.suse.com/show_bug.cgi?id=1252761 * https://bugzilla.suse.com/show_bug.cgi?id=1252810 * https://bugzilla.suse.com/show_bug.cgi?id=1252811 * https://bugzilla.suse.com/show_bug.cgi?id=1252812 * https://bugzilla.suse.com/show_bug.cgi?id=1252813 * https://bugzilla.suse.com/show_bug.cgi?id=1252829 * https://bugzilla.suse.com/show_bug.cgi?id=1252833 * https://bugzilla.suse.com/show_bug.cgi?id=1252835 * https://bugzilla.suse.com/show_bug.cgi?id=1252838 * https://bugzilla.suse.com/show_bug.cgi?id=1261013 * https://jira.suse.com/browse/PED-14796 * https://jira.suse.com/browse/PED-266 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 11 08:34:39 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:34:39 -0000 Subject: SUSE-RU-2026:21548-1: moderate: Recommended update for mariadb Message-ID: <177848847903.2501.14225335984124526679@d7d34dcee2d8> # Recommended update for mariadb Announcement ID: SUSE-RU-2026:21548-1 Release Date: 2026-05-05T08:20:09Z Rating: moderate References: * bsc#1263153 Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that has one fix can now be installed. 
## Description: This update for mariadb fixes the following issues: Changes in mariadb: * Fixes crash in information_schema.table_constraints when --skip-grant-tables (bsc#1263153) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-677=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-677=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * libmariadbd19-11.8.6-160000.2.1 * mariadb-tools-11.8.6-160000.2.1 * mariadb-debugsource-11.8.6-160000.2.1 * libmariadbd19-debuginfo-11.8.6-160000.2.1 * mariadb-11.8.6-160000.2.1 * mariadb-client-debuginfo-11.8.6-160000.2.1 * mariadb-bench-debuginfo-11.8.6-160000.2.1 * mariadb-bench-11.8.6-160000.2.1 * mariadb-client-11.8.6-160000.2.1 * mariadb-tools-debuginfo-11.8.6-160000.2.1 * libmariadbd-devel-11.8.6-160000.2.1 * mariadb-debuginfo-11.8.6-160000.2.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * mariadb-errormessages-11.8.6-160000.2.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * libmariadbd19-11.8.6-160000.2.1 * mariadb-tools-11.8.6-160000.2.1 * mariadb-debugsource-11.8.6-160000.2.1 * libmariadbd19-debuginfo-11.8.6-160000.2.1 * mariadb-11.8.6-160000.2.1 * mariadb-client-debuginfo-11.8.6-160000.2.1 * mariadb-bench-debuginfo-11.8.6-160000.2.1 * mariadb-bench-11.8.6-160000.2.1 * mariadb-client-11.8.6-160000.2.1 * mariadb-tools-debuginfo-11.8.6-160000.2.1 * libmariadbd-devel-11.8.6-160000.2.1 * mariadb-debuginfo-11.8.6-160000.2.1 * SUSE Linux Enterprise Server 16.0 (noarch) * mariadb-errormessages-11.8.6-160000.2.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1263153 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 11 08:34:35 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:34:35 -0000 Subject: SUSE-RU-2026:21549-1: moderate: Recommended update for suse-kabi-tools Message-ID: <177848847596.2501.17829749033263954360@d7d34dcee2d8> # Recommended update for suse-kabi-tools Announcement ID: SUSE-RU-2026:21549-1 Release Date: 2026-05-05T09:37:15Z Rating: moderate References: Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that can now be installed. ## Description: This update for suse-kabi-tools fixes the following issues: Changes in suse-kabi-tools: Update to version 1.1.0+git0.3857c3a: * Add support for parsing quoted type names * Report changes from a forward declaration to a definition in a succinct manner * Fix the path reported in symtypes parsing errors * Reject any extra data at the end of an override record * Fix formatting of typedef enum declarations * Fix the paths displayed when reporting duplicated exports * Reject duplicate paths when reading symtypes data * Ensure that loading symtypes data has commit or rollback semantics Update to version 1.0.0+git0.4b3a0d0: * Make parsing errors more informative * Add the --filter-symbol-list option for 'ksymvers compare' * Restrict 'ksymtypes split' to loading only consolidated symtypes files * Restrict 'ksymtypes consolidate' to loading only split symtypes files * Be less aggressive about wrapping '(', ')' and ',' * Enable setting output format of the ksymtypes comparison * Add --format=mod-symbols for 'ksymvers compare' and 'ksymtypes compare' * Add --format=short for 'ksymvers compare' and 'ksymtypes compare' * Adopt a three-value exit status similar to that of diff/grep * Exit 'ksymtypes compare' with code indicating input equality * Require Rust version 1.88 or higher Update to version 0.5.0+git6.7ef8a5e: * Correct the --version output ## Patch Instructions: To install this SUSE update use the SUSE 
recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-682=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-682=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * suse-kabi-tools-1.1.0+git0.3857c3a-160000.1.1 * suse-kabi-tools-debugsource-1.1.0+git0.3857c3a-160000.1.1 * suse-kabi-tools-debuginfo-1.1.0+git0.3857c3a-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * suse-kabi-tools-1.1.0+git0.3857c3a-160000.1.1 * suse-kabi-tools-debugsource-1.1.0+git0.3857c3a-160000.1.1 * suse-kabi-tools-debuginfo-1.1.0+git0.3857c3a-160000.1.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 11 08:34:51 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:34:51 -0000 Subject: SUSE-SU-2026:21547-1: important: Security update for strongswan Message-ID: <177848849130.2501.8704934042727200088@d7d34dcee2d8> # Security update for strongswan Announcement ID: SUSE-SU-2026:21547-1 Release Date: 2026-05-05T07:12:05Z Rating: important References: * bsc#1261705 * bsc#1261706 * bsc#1261708 * bsc#1261712 * bsc#1261717 * bsc#1261718 * bsc#1261720 * jsc#PED-16145 Cross-References: * CVE-2026-35328 * CVE-2026-35329 * CVE-2026-35330 * CVE-2026-35331 * CVE-2026-35332 * CVE-2026-35333 * CVE-2026-35334 CVSS scores: * CVE-2026-35328 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35328 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35329 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35329 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35330 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-35330 ( 
SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-35331 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-35331 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-35332 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35332 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35333 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35333 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-35334 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-35334 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves seven vulnerabilities and contains one feature can now be installed. ## Description: This update for strongswan fixes the following issues: Update to version 6.0.6 (jsc#PED-16145). Security issues fixed: * CVE-2026-35328: infinite loop when handling supported versions TLS extension (bsc#1261712). * CVE-2026-35329: NULL pointer dereference when processing padding in PKCS#7 (bsc#1261717). * CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attributes (bsc#1261705). * CVE-2026-35331: acceptance of certificates violating X.509 name constraints (bsc#1261718). * CVE-2026-35332: NULL pointer dereference when handling ECDH public value in TLS (bsc#1261708). * CVE-2026-35333: integer underflow when handling RADIUS attributes (bsc#1261706). * CVE-2026-35334: possible NULL pointer dereference in RSA decryption (bsc#1261720). Other updates and bugfixes: * Version 6.0.6. * Enhancements and Optimizations * Added the unique ID to the log messages when creating an IKE SA as responder and when deleting such a half-open SA * The credential factory now enforces an upper limit of 10 when creating nested credentials. 
* Added Georgian translation to the NM plugin. * Fixes * IKEv2 fragments with a total fragment count lower than before are now dropped as mandated by the RFC. * Fixed a potential out-of-bounds read when parsing EAP-SIM/AKA attributes with actual length field. * Fixed a potential out-of-bounds read when enumerating hashes in OCSP CERTREQ payloads. * Fixed a potential crash in the vici plugin when parsing messages that encode the length of a VICI_LIST_ITEM incorrectly. * Avoid allocating a large buffer for TLS cipher suites on the stack using alloca(). * Ensure TLS 1.3 CertificateRequest structures are valid on the client. * Prevent an infinite loop if the EAP-SIM version list on the client contains more than one entry. * Fixed a crash in the tnccs_11 plugin if TNCCS-ReasonStrings is empty or only contains empty nodes. * Fixed verification of RSA signatures with SHA3-224 via botan plugin. * Close the internal IPv6 socket when a tun_device_t is destroyed. * Update the address family in the SA selector when the addresses of a tunnel mode IPsec SA change in the kernel-netlink plugin. * Version 6.0.5: * Fixed a vulnerability in the eap-ttls plugin related to processing EAP-TTLS AVPs that can lead to resource exhaustion or a crash. * The new `icmp` option enables the forwarding of certain ICMP error messages (e.g. Fragmentation Needed), even if their source address doesn't match the negotiated traffic selectors, when running on Linux kernels that support this (v6.9+). * charon-cmd now supports childless IKE SA initiation with the `--childless` option. * The dhcp plugin now keeps track of address leases across make-before-break reauthentications to avoid releasing the address when the old SA is terminated * Added support for `organizationIdentifier` RDNs, which are used in e.g. eIDAS certificates, when parsing ASN.1 DN identities from strings. 
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-680=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-680=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * strongswan-nm-6.0.6-160000.1.1 * strongswan-sqlite-debuginfo-6.0.6-160000.1.1 * strongswan-debugsource-6.0.6-160000.1.1 * strongswan-fips-6.0.6-160000.1.1 * strongswan-nm-debuginfo-6.0.6-160000.1.1 * strongswan-mysql-6.0.6-160000.1.1 * strongswan-sqlite-6.0.6-160000.1.1 * strongswan-debuginfo-6.0.6-160000.1.1 * strongswan-ipsec-debuginfo-6.0.6-160000.1.1 * strongswan-mysql-debuginfo-6.0.6-160000.1.1 * strongswan-ipsec-6.0.6-160000.1.1 * strongswan-6.0.6-160000.1.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * strongswan-doc-6.0.6-160000.1.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * strongswan-nm-6.0.6-160000.1.1 * strongswan-sqlite-debuginfo-6.0.6-160000.1.1 * strongswan-debugsource-6.0.6-160000.1.1 * strongswan-fips-6.0.6-160000.1.1 * strongswan-nm-debuginfo-6.0.6-160000.1.1 * strongswan-mysql-6.0.6-160000.1.1 * strongswan-sqlite-6.0.6-160000.1.1 * strongswan-debuginfo-6.0.6-160000.1.1 * strongswan-ipsec-debuginfo-6.0.6-160000.1.1 * strongswan-mysql-debuginfo-6.0.6-160000.1.1 * strongswan-ipsec-6.0.6-160000.1.1 * strongswan-6.0.6-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) * strongswan-doc-6.0.6-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-35328.html * https://www.suse.com/security/cve/CVE-2026-35329.html * https://www.suse.com/security/cve/CVE-2026-35330.html * https://www.suse.com/security/cve/CVE-2026-35331.html * https://www.suse.com/security/cve/CVE-2026-35332.html * 
https://www.suse.com/security/cve/CVE-2026-35333.html * https://www.suse.com/security/cve/CVE-2026-35334.html * https://bugzilla.suse.com/show_bug.cgi?id=1261705 * https://bugzilla.suse.com/show_bug.cgi?id=1261706 * https://bugzilla.suse.com/show_bug.cgi?id=1261708 * https://bugzilla.suse.com/show_bug.cgi?id=1261712 * https://bugzilla.suse.com/show_bug.cgi?id=1261717 * https://bugzilla.suse.com/show_bug.cgi?id=1261718 * https://bugzilla.suse.com/show_bug.cgi?id=1261720 * https://jira.suse.com/browse/PED-16145 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 11 08:34:54 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:34:54 -0000 Subject: SUSE-RU-2026:21546-1: important: Recommended update for ipmitool Message-ID: <177848849493.2501.12422783484347379059@d7d34dcee2d8> # Recommended update for ipmitool Announcement ID: SUSE-RU-2026:21546-1 Release Date: 2026-05-05T07:09:23Z Rating: important References: * bsc#1259310 Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that has one fix can now be installed. ## Description: This update for ipmitool fixes the following issue: Change in ipmitool: * Fix for improper PID file creation (bsc#1259310). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-679=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-679=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * ipmitool-debugsource-1.8.19.13.gbe11d94-160000.3.1 * ipmitool-1.8.19.13.gbe11d94-160000.3.1 * ipmitool-debuginfo-1.8.19.13.gbe11d94-160000.3.1 * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * ipmitool-bmc-snmp-proxy-1.8.19.13.gbe11d94-160000.3.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * ipmitool-debugsource-1.8.19.13.gbe11d94-160000.3.1 * ipmitool-1.8.19.13.gbe11d94-160000.3.1 * ipmitool-debuginfo-1.8.19.13.gbe11d94-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * ipmitool-bmc-snmp-proxy-1.8.19.13.gbe11d94-160000.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1259310 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 11 08:35:00 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:35:00 -0000 Subject: SUSE-SU-2026:21545-1: important: Security update for mozjs128 Message-ID: <177848850097.2501.9849058525642385152@d7d34dcee2d8> # Security update for mozjs128 Announcement ID: SUSE-SU-2026:21545-1 Release Date: 2026-05-05T00:25:19Z Rating: important References: * bsc#1259713 * bsc#1259728 * bsc#1259731 Cross-References: * CVE-2026-32776 * CVE-2026-32777 * CVE-2026-32778 CVSS scores: * CVE-2026-32776 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-32776 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32776 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-32776 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32777 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-32777 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32777 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-32777 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32778 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-32778 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-32778 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-32778 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for mozjs128 fixes the following issues: * CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value (bsc#1259728). * CVE-2026-32777: libexpat: denial of service due to infinite loop in DTD content parsing (bsc#1259713). 
* CVE-2026-32778: libexpat: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259731). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-676=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-676=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64) * mozjs128-128.14.0-160000.2.1 * mozjs128-devel-128.14.0-160000.2.1 * mozjs128-debugsource-128.14.0-160000.2.1 * libmozjs-128-0-128.14.0-160000.2.1 * libmozjs-128-0-debuginfo-128.14.0-160000.2.1 * mozjs128-debuginfo-128.14.0-160000.2.1 * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * mozjs128-128.14.0-160000.2.1 * mozjs128-devel-128.14.0-160000.2.1 * mozjs128-debugsource-128.14.0-160000.2.1 * libmozjs-128-0-128.14.0-160000.2.1 * libmozjs-128-0-debuginfo-128.14.0-160000.2.1 * mozjs128-debuginfo-128.14.0-160000.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-32776.html * https://www.suse.com/security/cve/CVE-2026-32777.html * https://www.suse.com/security/cve/CVE-2026-32778.html * https://bugzilla.suse.com/show_bug.cgi?id=1259713 * https://bugzilla.suse.com/show_bug.cgi?id=1259728 * https://bugzilla.suse.com/show_bug.cgi?id=1259731 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 11 08:35:35 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:35:35 -0000 Subject: SUSE-SU-2026:21542-1: important: Security update for php-composer2 Message-ID: <177848853573.2501.15853636721528180615@d7d34dcee2d8> # Security update for php-composer2 Announcement ID: SUSE-SU-2026:21542-1 Release Date: 2026-05-04T10:46:30Z Rating: important References: * bsc#1255768 * bsc#1262254 * bsc#1262255 Cross-References: * CVE-2025-67746 * CVE-2026-40176 * CVE-2026-40261 CVSS scores: * CVE-2025-67746 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-67746 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-67746 ( NVD ): 1.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-67746 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2026-40176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40261 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-40261 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves three vulnerabilities can now be installed. ## Description: This update for php-composer2 fixes the following issues: * CVE-2025-67746: ANSI control characters injection in terminal output of various Composer commands via attacker controlled remote sources (bsc#1255768). * CVE-2026-40176: arbitrary command injection via malicious Perforce repository definition (bsc#1262254). * CVE-2026-40261: arbitrary command injection via malicious Perforce source reference/url (bsc#1262255). 
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-672=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-672=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (noarch) * php-composer2-2.8.9-160000.3.1 * SUSE Linux Enterprise Server 16.0 (noarch) * php-composer2-2.8.9-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-67746.html * https://www.suse.com/security/cve/CVE-2026-40176.html * https://www.suse.com/security/cve/CVE-2026-40261.html * https://bugzilla.suse.com/show_bug.cgi?id=1255768 * https://bugzilla.suse.com/show_bug.cgi?id=1262254 * https://bugzilla.suse.com/show_bug.cgi?id=1262255 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 11 08:35:12 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:35:12 -0000 Subject: SUSE-SU-2026:21544-1: critical: Security update for openssl-3-x86_64-v3-livepatches Message-ID: <177848851210.2501.17759159831482297521@d7d34dcee2d8> # Security update for openssl-3-x86_64-v3-livepatches Announcement ID: SUSE-SU-2026:21544-1 Release Date: 2026-05-05T00:19:27Z Rating: critical References: * bsc#1250410 * bsc#1256876 * bsc#1256878 * bsc#1256880 * bsc#1259271 Cross-References: * CVE-2025-11187 * CVE-2025-15467 * CVE-2025-15468 * CVE-2025-9230 CVSS scores: * CVE-2025-11187 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-11187 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-11187 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H * CVE-2025-15467 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-15467 ( SUSE ): 9.8 
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-15467 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-15468 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-15468 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-15468 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-9230 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-9230 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-9230 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP applications 16.0 An update that solves four vulnerabilities and has one fix can now be installed. ## Description: This update for openssl-3-x86_64-v3-livepatches fixes the following issues: Changes in openssl-3-x86_64-v3-livepatches: * Add package for libopenssl3-x86-64-v3-3.5.0 (bsc#1259271). Fixed: * CVE-2025-11187: Fixed Improper validation of PBMAC1 parameters in PKCS#12 MAC verification (bsc#1256878). * CVE-2025-15467: Fixed Stack buffer overflow in CMS AuthEnvelopedData parsing (bsc#1256876). * CVE-2025-15468: Fixed NULL dereference in SSL_CIPHER_find() function on unknown cipher ID (bsc#1256880). * CVE-2025-9230: Fixed Out-of-bounds read & write in RFC 3211 KEK Unwrap (CVE-2025-9230) (bsc#1250410). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP applications 16.0 zypper in -t patch SUSE-SLES-16.0-675=1 * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-675=1 ## Package List: * SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64) * openssl-3-x86_64-v3-livepatches-debugsource-0.3-160000.1.1 * openssl-3-x86_64-v3-livepatches-debuginfo-0.3-160000.1.1 * openssl-3-x86_64-v3-livepatches-0.3-160000.1.1 * SUSE Linux Enterprise Server 16.0 (x86_64) * openssl-3-x86_64-v3-livepatches-debugsource-0.3-160000.1.1 * openssl-3-x86_64-v3-livepatches-debuginfo-0.3-160000.1.1 * openssl-3-x86_64-v3-livepatches-0.3-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11187.html * https://www.suse.com/security/cve/CVE-2025-15467.html * https://www.suse.com/security/cve/CVE-2025-15468.html * https://www.suse.com/security/cve/CVE-2025-9230.html * https://bugzilla.suse.com/show_bug.cgi?id=1250410 * https://bugzilla.suse.com/show_bug.cgi?id=1256876 * https://bugzilla.suse.com/show_bug.cgi?id=1256878 * https://bugzilla.suse.com/show_bug.cgi?id=1256880 * https://bugzilla.suse.com/show_bug.cgi?id=1259271 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 11 08:35:49 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:35:49 -0000 Subject: SUSE-RU-2026:21539-1: important: Recommended update for rear29a Message-ID: <177848854966.2501.5198329094829253141@d7d34dcee2d8> # Recommended update for rear29a Announcement ID: SUSE-RU-2026:21539-1 Release Date: 2026-05-07T14:29:52Z Rating: important References: * bsc#1246136 * jsc#PED-14688 * jsc#PED-14776 Affected Products: * SUSE Linux Enterprise Server High Availability Extension 16.0 An update that contains two features and has one fix can now be installed. 
## Description: This update for rear29a fixes the following issues: * SLE16 fixes * Aligning with upstream pull requests (#bsc1246136). * For SLE 16 and openSUSE Leap 16.x and openSUSE Factory, set OS_VERSION="16" in `/etc/rear/os.conf`. * Fix packages for Immutable Mode (jsc#PED-14776, jsc#PED-14688). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server High Availability Extension 16.0 zypper in -t patch SUSE-SLES-HA-16.0-719=1 ## Package List: * SUSE Linux Enterprise Server High Availability Extension 16.0 (ppc64le x86_64) * rear29a-2.9-160000.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1246136 * https://jira.suse.com/browse/PED-14688 * https://jira.suse.com/browse/PED-14776 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 11 08:35:28 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:35:28 -0000 Subject: SUSE-SU-2026:21543-1: important: Security update for java-25-openjdk Message-ID: <177848852824.2501.10522566265810304342@d7d34dcee2d8> # Security update for java-25-openjdk Announcement ID: SUSE-SU-2026:21543-1 Release Date: 2026-05-04T12:14:51Z Rating: important References: * bsc#1259118 * bsc#1262490 * bsc#1262493 * bsc#1262494 * bsc#1262495 * bsc#1262496 * bsc#1262497 * bsc#1262500 * bsc#1262501 * jsc#PED-15898 Cross-References: * CVE-2026-22007 * CVE-2026-22008 * CVE-2026-22013 * CVE-2026-22016 * CVE-2026-22018 * CVE-2026-22021 * CVE-2026-23865 * CVE-2026-34268 * CVE-2026-34282 CVSS scores: * CVE-2026-22007 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-22007 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-22007 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-22008 ( SUSE ): 6.3 
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22008 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-22008 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-22013 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22013 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22013 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-22016 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22016 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-22018 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22018 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22018 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-22021 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-22021 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-23865 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-23865 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-23865 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-34268 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34268 ( SUSE ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34268 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34282 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34282 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34282 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves nine vulnerabilities and contains one feature can now be installed.

## Description:

This update for java-25-openjdk fixes the following issues:

Update to upstream tag jdk-25.0.3+9 (April 2026 CPU).

Security issues fixed:

* CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of accessible data (bsc#1262490).
* CVE-2026-22008: Libraries: unauthenticated attacker with network access via multiple protocols can gain unauthorized update, insert or delete access to data (bsc#1262493).
* CVE-2026-22013: JGSS: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262494).
* CVE-2026-22016: JAXP: unauthenticated attacker with network access via multiple protocols can gain unauthorized access to critical data (bsc#1262495).
* CVE-2026-22018: Libraries: unauthenticated attacker with network access via multiple protocols can cause a partial denial of service (bsc#1262496).
* CVE-2026-22021: JSSE: unauthenticated attacker with network access via HTTPS can cause a partial denial of service (bsc#1262497).
* CVE-2026-23865: freetype2: integer overflow in the `tt_var_load_item_variation_store` function allows for an out-of-bounds read when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts (bsc#1259118).
* CVE-2026-34268: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of data (bsc#1262500).
* CVE-2026-34282: Networking: unauthenticated attacker with network access via multiple protocols can cause a hang or frequently repeatable crash (bsc#1262501).

Other updates and bugfixes:

* Provide the timezone-java and tzdata-java (jsc#PED-15898).
* Migrate to the new logic of FIPS patch developed by RedHat in https://github.com/rh-openjdk/jdk/tree/fips-25u.
* Add the sources of /nss-native-fips-key-import-export-adapter.
* This native library is an adapter for OpenJDK to use the NSS PKCS #11 software token (libsoftokn3.so) in FIPS mode.
* Allow overriding of gcc name.
* Don't make missing system crypto-policies fatal.
* Add create-crypto-properties-files.bash that generates during the build the config files for different fips and non-fips scenarios.
* Add TestSecurityProperties.java to test the loading of system security properties where applicable.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-674=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-674=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * java-25-openjdk-devel-debuginfo-25.0.3.0-160000.1.1
  * java-25-openjdk-debuginfo-25.0.3.0-160000.1.1
  * java-25-openjdk-jmods-25.0.3.0-160000.1.1
  * java-25-openjdk-devel-25.0.3.0-160000.1.1
  * java-25-openjdk-headless-debuginfo-25.0.3.0-160000.1.1
  * java-25-openjdk-demo-25.0.3.0-160000.1.1
  * java-25-openjdk-src-25.0.3.0-160000.1.1
  * java-25-openjdk-25.0.3.0-160000.1.1
  * java-25-openjdk-headless-25.0.3.0-160000.1.1
* SUSE Linux Enterprise Server for SAP applications 16.0 (noarch)
  * java-25-openjdk-javadoc-25.0.3.0-160000.1.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * java-25-openjdk-devel-debuginfo-25.0.3.0-160000.1.1
  * java-25-openjdk-debuginfo-25.0.3.0-160000.1.1
  * java-25-openjdk-jmods-25.0.3.0-160000.1.1
  * java-25-openjdk-devel-25.0.3.0-160000.1.1
  * java-25-openjdk-headless-debuginfo-25.0.3.0-160000.1.1
  * java-25-openjdk-demo-25.0.3.0-160000.1.1
  * java-25-openjdk-src-25.0.3.0-160000.1.1
  * java-25-openjdk-25.0.3.0-160000.1.1
  * java-25-openjdk-headless-25.0.3.0-160000.1.1
* SUSE Linux Enterprise Server 16.0 (noarch)
  * java-25-openjdk-javadoc-25.0.3.0-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-22007.html
* https://www.suse.com/security/cve/CVE-2026-22008.html
* https://www.suse.com/security/cve/CVE-2026-22013.html
* https://www.suse.com/security/cve/CVE-2026-22016.html
* https://www.suse.com/security/cve/CVE-2026-22018.html
* https://www.suse.com/security/cve/CVE-2026-22021.html
* https://www.suse.com/security/cve/CVE-2026-23865.html
* https://www.suse.com/security/cve/CVE-2026-34268.html
* https://www.suse.com/security/cve/CVE-2026-34282.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259118
* https://bugzilla.suse.com/show_bug.cgi?id=1262490
* https://bugzilla.suse.com/show_bug.cgi?id=1262493
* https://bugzilla.suse.com/show_bug.cgi?id=1262494
* https://bugzilla.suse.com/show_bug.cgi?id=1262495
* https://bugzilla.suse.com/show_bug.cgi?id=1262496
* https://bugzilla.suse.com/show_bug.cgi?id=1262497
* https://bugzilla.suse.com/show_bug.cgi?id=1262500
* https://bugzilla.suse.com/show_bug.cgi?id=1262501
* https://jira.suse.com/browse/PED-15898

From null at suse.de Mon May 11 08:35:38 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:35:38 -0000
Subject: SUSE-SU-2026:21541-1: important: Security update for MozillaFirefox
Message-ID: <177848853895.2501.18412810048154437275@d7d34dcee2d8>

# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2026:21541-1
Release Date: 2026-05-04T10:46:30Z
Rating: important
References:

* bsc#1263110

Cross-References:

* CVE-2026-7320
* CVE-2026-7321
* CVE-2026-7322
* CVE-2026-7323

CVSS scores:

* CVE-2026-7320 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-7321 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2026-7322 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2026-7323 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves four vulnerabilities can now be installed.

## Description:

This update for MozillaFirefox fixes the following issues:

Update to Firefox Extended Support Release 140.10.1 ESR.

* MFSA 2026-36 (bsc#1263110)
  * CVE-2026-7320: Information disclosure due to incorrect boundary conditions in the Audio/Video component.
  * CVE-2026-7321: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component.
  * CVE-2026-7322: Memory safety bugs fixed in Firefox ESR 115.35.1, Firefox ESR 140.10.1, Thunderbird ESR 140.10.1, Firefox 150.0.1 and Thunderbird 150.0.1
  * CVE-2026-7323: Memory safety bugs fixed in Firefox ESR 140.10.1, Thunderbird ESR 140.10.1, Firefox 150.0.1 and Thunderbird 150.0.1

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-669=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-669=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (ppc64le x86_64)
  * MozillaFirefox-translations-other-140.10.1-160000.1.1
  * MozillaFirefox-debuginfo-140.10.1-160000.1.1
  * MozillaFirefox-debugsource-140.10.1-160000.1.1
  * MozillaFirefox-140.10.1-160000.1.1
  * MozillaFirefox-translations-common-140.10.1-160000.1.1
* SUSE Linux Enterprise Server for SAP applications 16.0 (noarch)
  * MozillaFirefox-devel-140.10.1-160000.1.1
* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le x86_64)
  * MozillaFirefox-translations-other-140.10.1-160000.1.1
  * MozillaFirefox-debuginfo-140.10.1-160000.1.1
  * MozillaFirefox-debugsource-140.10.1-160000.1.1
  * MozillaFirefox-140.10.1-160000.1.1
  * MozillaFirefox-translations-common-140.10.1-160000.1.1
* SUSE Linux Enterprise Server 16.0 (noarch)
  * MozillaFirefox-devel-140.10.1-160000.1.1
  * MozillaFirefox-devel-140.10.1-160000.1.3
* SUSE Linux Enterprise Server 16.0 (s390x)
  * MozillaFirefox-debugsource-140.10.1-160000.1.3
  * MozillaFirefox-140.10.1-160000.1.3
  * MozillaFirefox-translations-common-140.10.1-160000.1.3
  * MozillaFirefox-translations-other-140.10.1-160000.1.3
  * MozillaFirefox-debuginfo-140.10.1-160000.1.3

## References:

* https://www.suse.com/security/cve/CVE-2026-7320.html
* https://www.suse.com/security/cve/CVE-2026-7321.html
* https://www.suse.com/security/cve/CVE-2026-7322.html
* https://www.suse.com/security/cve/CVE-2026-7323.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263110

From null at suse.de Mon May 11 08:36:01 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:36:01 -0000
Subject: SUSE-SU-2026:1798-1: important: Security update for the Linux Kernel (Live Patch 32 for SUSE Linux Enterprise 15 SP5)
Message-ID: <177848856143.2501.9592200217622391459@d7d34dcee2d8>

# Security update for the Linux Kernel (Live Patch 32 for SUSE Linux Enterprise 15 SP5)

Announcement ID: SUSE-SU-2026:1798-1
Release Date: 2026-05-09T13:04:52Z
Rating: important
References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 5.14.21-150500.55.127 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2026-1799=1 SUSE-2026-1798=1
* SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1799=1 SUSE-SLE-Module-Live-Patching-15-SP4-2026-1798=1
* openSUSE Leap 15.5
  zypper in -t patch SUSE-2026-1800=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-1800=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150400_24_179-default-10-150400.2.1
  * kernel-livepatch-SLE15-SP4_Update_47-debugsource-6-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_179-default-debuginfo-10-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_187-default-debuginfo-6-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_187-default-6-150400.2.1
  * kernel-livepatch-SLE15-SP4_Update_45-debugsource-10-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150400_24_179-default-10-150400.2.1
  * kernel-livepatch-SLE15-SP4_Update_47-debugsource-6-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_179-default-debuginfo-10-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_187-default-debuginfo-6-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_187-default-6-150400.2.1
  * kernel-livepatch-SLE15-SP4_Update_45-debugsource-10-150400.2.1
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_127-default-debuginfo-6-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_32-debugsource-6-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_127-default-6-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_127-default-debuginfo-6-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_32-debugsource-6-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_127-default-6-150500.2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:35:41 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:35:41 -0000
Subject: SUSE-SU-2026:21540-1: important: Security update for google-cloud-sap-agent
Message-ID: <177848854196.2501.71881805278913315@d7d34dcee2d8>

# Security update for google-cloud-sap-agent

Announcement ID: SUSE-SU-2026:21540-1
Release Date: 2026-05-04T10:09:04Z
Rating: important
References:

* bsc#1262936

Cross-References:

* CVE-2026-34986

CVSS scores:

* CVE-2026-34986 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34986 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34986 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP applications 16.0

An update that solves one vulnerability can now be installed.

## Description:

This update for google-cloud-sap-agent fixes the following issue:

* CVE-2026-34986: github.com/go-jose/go-jose/v4: processing of JWE object with empty `encrypted_key` field but key wrapping algorithm set can lead to a denial of service (bsc#1262936).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP applications 16.0
  zypper in -t patch SUSE-SLES-16.0-671=1
* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-671=1

## Package List:

* SUSE Linux Enterprise Server for SAP applications 16.0 (x86_64)
  * google-cloud-sap-agent-3.12-160000.2.1
  * google-cloud-sap-agent-debuginfo-3.12-160000.2.1
* SUSE Linux Enterprise Server 16.0 (aarch64 x86_64)
  * google-cloud-sap-agent-3.12-160000.2.1
  * google-cloud-sap-agent-debuginfo-3.12-160000.2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-34986.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262936

From null at suse.de Mon May 11 08:36:05 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:36:05 -0000
Subject: SUSE-SU-2026:1802-1: important: Security update for the Linux Kernel (Live Patch 21 for SUSE Linux Enterprise 15 SP6)
Message-ID: <177848856521.2501.13908585794781982536@d7d34dcee2d8>

# Security update for the Linux Kernel (Live Patch 21 for SUSE Linux Enterprise 15 SP6)

Announcement ID: SUSE-SU-2026:1802-1
Release Date: 2026-05-09T13:05:31Z
Rating: important
References:

* bsc#1263689

Cross-References:

* CVE-2026-31431

CVSS scores:

* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.92 fixes one security issue

The following security issue was fixed:

* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2026-1802=1 SUSE-2026-1803=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-1802=1 SUSE-SLE-Module-Live-Patching-15-SP5-2026-1803=1
* openSUSE Leap 15.6
  zypper in -t patch SUSE-2026-1797=1
* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1797=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_144-default-2-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_144-default-debuginfo-2-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_141-default-debuginfo-2-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_36-debugsource-2-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_141-default-2-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_37-debugsource-2-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_144-default-2-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_144-default-debuginfo-2-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_141-default-debuginfo-2-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_36-debugsource-2-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_141-default-2-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_37-debugsource-2-150500.2.1
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_92-default-debuginfo-2-150600.2.1
  * kernel-livepatch-SLE15-SP6_Update_21-debugsource-2-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_92-default-2-150600.2.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_92-default-debuginfo-2-150600.2.1
  * kernel-livepatch-SLE15-SP6_Update_21-debugsource-2-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_92-default-2-150600.2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:36:16 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:36:16 -0000
Subject: SUSE-SU-2026:1801-1: important: Security update for the Linux Kernel (Live Patch 19 for SUSE Linux Enterprise 15 SP6)
Message-ID: <177848857610.2501.1552174889046051150@d7d34dcee2d8>

# Security update for the Linux Kernel (Live Patch 19 for SUSE Linux Enterprise 15 SP6)

Announcement ID: SUSE-SU-2026:1801-1
Release Date: 2026-05-09T13:05:07Z
Rating: important
References:

* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.84 fixes various security issues

The following security issues were fixed:

* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2026-1801=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-1801=1
* openSUSE Leap 15.6
  zypper in -t patch SUSE-2026-1796=1
* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1796=1

## Package List:

* openSUSE Leap 15.5 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP5_Update_35-debugsource-5-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_136-default-debuginfo-5-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_136-default-5-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP5_Update_35-debugsource-5-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_136-default-debuginfo-5-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_136-default-5-150500.2.1
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-5-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_84-default-5-150600.2.1
  * kernel-livepatch-SLE15-SP6_Update_19-debugsource-5-150600.2.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-5-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_84-default-5-150600.2.1
  * kernel-livepatch-SLE15-SP6_Update_19-debugsource-5-150600.2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:36:30 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:36:30 -0000
Subject: SUSE-SU-2026:1792-1: important: Security update for the Linux Kernel (Live Patch 78 for SUSE Linux Enterprise 12 SP5)
Message-ID: <177848859083.2501.6225981426822058118@d7d34dcee2d8>

# Security update for the Linux Kernel (Live Patch 78 for SUSE Linux Enterprise 12 SP5)

Announcement ID: SUSE-SU-2026:1792-1
Release Date: 2026-05-09T11:33:55Z
Rating: important
References:

* bsc#1263689

Cross-References:

* CVE-2026-31431

CVSS scores:

* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 4.12.14-122.296 fixes one security issue

The following security issue was fixed:

* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-1792=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_296-default-2-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:36:26 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:36:26 -0000
Subject: SUSE-SU-2026:1793-1: important: Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP6)
Message-ID: <177848858699.2501.9745726552365223713@d7d34dcee2d8>

# Security update for the Linux Kernel (Live Patch 13 for SUSE Linux Enterprise 15 SP6)

Announcement ID: SUSE-SU-2026:1793-1
Release Date: 2026-05-09T11:34:27Z
Rating: important
References:

* bsc#1252048
* bsc#1258005
* bsc#1258073
* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2025-38375
* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.60 fixes various security issues

The following security issues were fixed:

* CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073).
* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2026-1793=1
* SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1793=1
* openSUSE Leap 15.5
  zypper in -t patch SUSE-2026-1794=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-1794=1
* openSUSE Leap 15.6
  zypper in -t patch SUSE-2026-1795=1
* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1795=1

## Package List:

* openSUSE Leap 15.4 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP4_Update_43-debugsource-13-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_173-default-debuginfo-13-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_173-default-13-150400.2.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP4_Update_43-debugsource-13-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_173-default-debuginfo-13-150400.2.1
  * kernel-livepatch-5_14_21-150400_24_173-default-13-150400.2.1
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_100-default-debuginfo-18-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_100-default-18-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_25-debugsource-18-150500.2.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
  * kernel-livepatch-5_14_21-150500_55_100-default-debuginfo-18-150500.2.1
  * kernel-livepatch-5_14_21-150500_55_100-default-18-150500.2.1
  * kernel-livepatch-SLE15-SP5_Update_25-debugsource-18-150500.2.1
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP6_Update_13-debugsource-14-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_60-default-debuginfo-14-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_60-default-14-150600.2.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP6_Update_13-debugsource-14-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_60-default-debuginfo-14-150600.2.1
  * kernel-livepatch-6_4_0-150600_23_60-default-14-150600.2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-38375.html
* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258073
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:36:38 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:36:38 -0000
Subject: SUSE-SU-2026:1791-1: important: Security update for the Linux Kernel (Live Patch 73 for SUSE Linux Enterprise 12 SP5)
Message-ID: <177848859876.2501.806201667272494338@d7d34dcee2d8>

# Security update for the Linux Kernel (Live Patch 73 for SUSE Linux Enterprise 12 SP5)

Announcement ID: SUSE-SU-2026:1791-1
Release Date: 2026-05-09T11:33:49Z
Rating: important
References:

* bsc#1258655
* bsc#1259126
* bsc#1263689

Cross-References:

* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-31431

CVSS scores:

* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise kernel 4.12.14-122.275 fixes various security issues

The following security issues were fixed:

* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-1791=1

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_275-default-8-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1263689
URL: From null at suse.de Mon May 11 08:36:47 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:36:47 -0000 Subject: SUSE-SU-2026:1790-1: important: Security update for the Linux Kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5) Message-ID: <177848860726.2501.4132358265151651076@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 70 for SUSE Linux Enterprise 12 SP5) Announcement ID: SUSE-SU-2026:1790-1 Release Date: 2026-05-09T11:04:04Z Rating: important References: * bsc#1258073 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-38375 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. 
## Description: This update for the SUSE Linux Enterprise kernel 4.12.14-122.266 fixes various security issues The following security issues were fixed: * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-1790=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_266-default-14-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258073 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 11 08:37:03 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:37:03 -0000 Subject: SUSE-SU-2026:21534-1: moderate: Security update for Mesa Message-ID: <177848862380.2501.15255182845494621628@d7d34dcee2d8> # Security update for Mesa Announcement ID: SUSE-SU-2026:21534-1 Release Date: 2026-05-06T10:15:45Z Rating: moderate References: * bsc#1261911 * bsc#1261998 Cross-References: * CVE-2026-40393 CVSS scores: * CVE-2026-40393 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2026-40393 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40393 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves one vulnerability and has one fix can now be installed. ## Description: This update for Mesa fixes the following issue: * CVE-2026-40393: out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party (bsc#1261998). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-707=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le x86_64) * Mesa-libEGL1-debuginfo-24.3.3-160000.3.1 * Mesa-debugsource-24.3.3-160000.3.1 * Mesa-libEGL1-24.3.3-160000.3.1 * Mesa-libglapi0-24.3.3-160000.3.1 * Mesa-gallium-24.3.3-160000.3.1 * Mesa-dri-24.3.3-160000.3.1 * Mesa-gallium-debuginfo-24.3.3-160000.3.1 * libgbm1-24.3.3-160000.3.1 * Mesa-libGL1-debuginfo-24.3.3-160000.3.1 * Mesa-24.3.3-160000.3.1 * libgbm1-debuginfo-24.3.3-160000.3.1 * Mesa-drivers-debugsource-24.3.3-160000.3.1 * Mesa-dri-debuginfo-24.3.3-160000.3.1 * Mesa-libglapi0-debuginfo-24.3.3-160000.3.1 * Mesa-libGL1-24.3.3-160000.3.1 * SUSE Linux Micro 6.2 (s390x) * Mesa-libEGL1-debuginfo-24.1.7-160000.3.1 * Mesa-libglapi0-24.1.7-160000.3.1 * libgbm1-24.1.7-160000.3.1 * Mesa-dri-24.1.7-160000.3.1 * Mesa-libglapi0-debuginfo-24.1.7-160000.3.1 * Mesa-drivers-debugsource-24.1.7-160000.3.1 * Mesa-dri-debuginfo-24.1.7-160000.3.1 * Mesa-libGL1-debuginfo-24.1.7-160000.3.1 * Mesa-24.1.7-160000.3.1 * libgbm1-debuginfo-24.1.7-160000.3.1 * Mesa-libGL1-24.1.7-160000.3.1 * Mesa-libEGL1-24.1.7-160000.3.1 * Mesa-debugsource-24.1.7-160000.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40393.html * https://bugzilla.suse.com/show_bug.cgi?id=1261911 * https://bugzilla.suse.com/show_bug.cgi?id=1261998 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 11 08:37:30 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:37:30 -0000 Subject: SUSE-SU-2026:21532-1: important: Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) Message-ID: <177848865098.2501.4891920149804729608@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21532-1 Release Date: 2026-05-06T09:16:11Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1261630 * bsc#1261845 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves seven vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-705=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_1-debugsource-9-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-debuginfo-9-160000.1.1 * kernel-livepatch-6_12_0-160000_6-default-9-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 From null at suse.de Mon May 11 08:36:50 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:36:50 -0000 Subject: SUSE-RU-2026:21538-1: moderate: Recommended update for libica Message-ID: <177848861046.2501.14332435025073335340@d7d34dcee2d8> # Recommended update for libica Announcement ID: SUSE-RU-2026:21538-1 Release Date: 2026-05-04T10:52:50Z Rating: moderate References: * bsc#952871 Affected Products: * SUSE Linux Micro 6.2 An update that has one fix can now be installed. ## Description: This update for libica fixes the following issues: * Upgrade libica to version 4.4.1. * Applied a patch for FIPS 140-3 project for SLES16.0 and SL Micro 6.2. * Removed obsolete patch.
* Move unversioned libica.so from tools to libica4 subpackage to ensure openssl-ibmca can reliably load it via DSO_load() in minimal environments (bsc#952871). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-673=1 ## Package List: * SUSE Linux Micro 6.2 (s390x) * libica4-debuginfo-4.4.1-160000.1.1 * libica4-4.4.1-160000.1.1 * libica-tools-4.4.1-160000.1.1 * libica-debuginfo-4.4.1-160000.1.1 * libica-debugsource-4.4.1-160000.1.1 * libica-tools-debuginfo-4.4.1-160000.1.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=952871 From null at suse.de Mon May 11 08:36:53 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:36:53 -0000 Subject: SUSE-SU-2026:21518-1: moderate: Security update for build, product-composer Message-ID: <177848861332.2501.9339261499449482763@d7d34dcee2d8> # Security update for build, product-composer Announcement ID: SUSE-SU-2026:21518-1 Release Date: 2026-05-05T06:52:08Z Rating: moderate References: * bsc#1230469 Cross-References: * CVE-2024-22038 CVSS scores: * CVE-2024-22038 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-22038 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H * CVE-2024-22038 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-22038 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 * SUSE Linux Micro Extras 6.2 An update that solves one vulnerability can now be installed.
## Description: This update for build, product-composer fixes the following issues: Changes in build: * Support a new "IgnoreRebuild" config. * build-recipe-kiwi: * Add support for oci containers * Avoid needlessly compressing container images * Detect container images based on build result file name * Fix queryrecipe to use the summary and the description from the main package * config: Add slfo-main build configuration * drop the inner quotes, not needed on bash 4 and breaks on bash 3 * build: in the ccache case, after test -e also accept -L * container: * Add microdnf package manager support * Add experimental support for the container-timestamp build option * sbom: * allow to create v1 intoto data * spdx: connect OPERATING-SYSTEM package to the root package * Transfer product vcs and disturl * Support --cms-nocerts and --cms-keyid in the signdummy * Support chroot builds inside of containers * runservice tool, allow to specify the modes. Can be used on plain git source now also * Support --mtime option for cpio creation * generate_sbom: * Support also unzck compressed repomd files * Fail when given --product directory is missing * support zstd compressed repomd data * build-vm-lxc: support lxc >= 5 * vc: Hide an annoying error message when not using NIS * added leap-16.0 and leap-16.1 build configs. 
(not named sl16.0 anymore, but using same string as the git branch) * Implement cmssign support in signdummy * pbuild: mark git assets with a fixed commit as immutable * mkosi * check if old parameters are supported before passing them * support old bash version * Do not crash on small files that start with the PE magic * Harden export_debian_orig_from_git (CVE-2024-22038, boo#1230469) Changes in product-composer: update to version 0.9.6: * Speed-up reading of rpm headers * Flush output lines to get correct timestamps in OBS update to version 0.9.5: * Be a bit more verbose to track used times per step in OBS * Fix a crash when doing version compare with an epoch update to version 0.9.4: * Give an error when trying to add updateinfo meta data without all binary revisions. * Hand over vcs and disturl data to generate_sbom. (We require a recent build package therefore) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro Extras 6.2 zypper in -t patch SUSE-SLE-Micro-Extras-6.2-678=1 ## Package List: * SUSE Linux Micro Extras 6.2 (noarch) * build-mkbaselibs-20260415-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-22038.html * https://bugzilla.suse.com/show_bug.cgi?id=1230469 From null at suse.de Mon May 11 08:36:56 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:36:56 -0000 Subject: SUSE-RU-2026:21536-1: moderate: Recommended update for protobuf Message-ID: <177848861667.2501.8779795594501639330@d7d34dcee2d8> # Recommended update for protobuf Announcement ID: SUSE-RU-2026:21536-1 Release Date: 2026-05-06T13:24:47Z Rating: moderate References: * bsc#1257662 Affected Products: * SUSE Linux Micro 6.2 An update that has one fix can now be installed.
## Description: This update for protobuf fixes the following issues: * Fix import issues with google.protobuf namespace (bsc#1257662). * Opt for individual %patch statements for varying strip levels. * Configure _default_patch_fuzz to 2 for successful application of cherry-picked patches. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-709=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * libutf8_range-28_3_0-debuginfo-28.3-160000.4.1 * libprotobuf28_3_0-28.3-160000.4.1 * libprotobuf28_3_0-debuginfo-28.3-160000.4.1 * libutf8_range-28_3_0-28.3-160000.4.1 * protobuf-debugsource-28.3-160000.4.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1257662 From null at suse.de Mon May 11 08:36:59 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:36:59 -0000 Subject: SUSE-RU-2026:21535-1: moderate: Recommended update for libselinux Message-ID: <177848861928.2501.1030197059588485989@d7d34dcee2d8> # Recommended update for libselinux Announcement ID: SUSE-RU-2026:21535-1 Release Date: 2026-05-06T11:14:53Z Rating: moderate References: * bsc#1261639 Affected Products: * SUSE Linux Micro 6.2 An update that has one fix can now be installed. ## Description: This update for libselinux fixes the following issues: * Backport commit "libselinux: retain LIFO order for path substitutions" (bsc#1261639) * otherwise we can not add equivalencies that overload each other in the policy * libselinux: retain LIFO order for path substitutions ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-708=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * selinux-tools-3.8.1-160000.3.1 * python313-selinux-3.8.1-160000.3.1 * libselinux-debugsource-3.8.1-160000.3.1 * libselinux1-3.8.1-160000.3.1 * libselinux-bindings-debugsource-3.8.1-160000.3.1 * selinux-tools-debuginfo-3.8.1-160000.3.1 * libselinux1-debuginfo-3.8.1-160000.3.1 * python313-selinux-debuginfo-3.8.1-160000.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1261639 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 11 08:38:28 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:38:28 -0000 Subject: SUSE-SU-2026:21527-1: important: Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 16) Message-ID: <177848870847.2501.10421471929319815748@d7d34dcee2d8> # Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21527-1 Release Date: 2026-05-05T21:59:39Z Rating: important References: * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1261630 * bsc#1261845 * bsc#1263689 Cross-References: * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-31431 CVSS scores: * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves six vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues The following security issues were fixed: * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-696=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-6_12_0-160000_9-rt-debuginfo-5-160000.1.1 * kernel-livepatch-SLE16-RT_Update_4-debugsource-5-160000.1.1 * kernel-livepatch-6_12_0-160000_9-rt-5-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 11 08:37:17 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:37:17 -0000 Subject: SUSE-SU-2026:21533-1: important: Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) Message-ID: <177848863732.2501.14322459893340699083@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21533-1 Release Date: 2026-05-06T09:35:23Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1261630 * bsc#1261845 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves seven vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-706=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_7-default-7-160000.1.1 * kernel-livepatch-6_12_0-160000_7-default-debuginfo-7-160000.1.1 * kernel-livepatch-SLE16_Update_2-debugsource-7-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 

From null at suse.de Mon May 11 08:37:43 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:37:43 -0000
Subject: SUSE-SU-2026:21531-1: important: Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16)
Message-ID: <177848866300.2501.15201794951766942529@d7d34dcee2d8>

# Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16)

Announcement ID: SUSE-SU-2026:21531-1
Release Date: 2026-05-05T23:37:29Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1261630
* bsc#1261845
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-23437
* CVE-2026-31406
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.2

An update that solves seven vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.6.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
* CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  zypper in -t patch SUSE-SL-Micro-6.2-700=1

## Package List:

* SUSE Linux Micro 6.2 (x86_64)
  * kernel-livepatch-6_12_0-160000_6-rt-debuginfo-8-160000.1.1
  * kernel-livepatch-6_12_0-160000_6-rt-8-160000.1.1
  * kernel-livepatch-SLE16-RT_Update_1-debugsource-8-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-23437.html
* https://www.suse.com/security/cve/CVE-2026-31406.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1261630
* https://bugzilla.suse.com/show_bug.cgi?id=1261845
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:39:21 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:39:21 -0000
Subject: SUSE-SU-2026:21522-1: important: Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16)
Message-ID: <177848876138.2501.13237635606404884360@d7d34dcee2d8>

# Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16)

Announcement ID: SUSE-SU-2026:21522-1
Release Date: 2026-05-05T19:49:32Z
Rating: important

References:

* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1261630
* bsc#1261845
* bsc#1263689

Cross-References:

* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-23437
* CVE-2026-31406
* CVE-2026-31431

CVSS scores:

* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.2

An update that solves six vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
* CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  zypper in -t patch SUSE-SL-Micro-6.2-691=1

## Package List:

* SUSE Linux Micro 6.2 (ppc64le s390x x86_64)
  * kernel-livepatch-6_12_0-160000_9-default-debuginfo-5-160000.1.1
  * kernel-livepatch-SLE16_Update_4-debugsource-5-160000.1.1
  * kernel-livepatch-6_12_0-160000_9-default-5-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-23437.html
* https://www.suse.com/security/cve/CVE-2026-31406.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1261630
* https://bugzilla.suse.com/show_bug.cgi?id=1261845
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:39:34 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:39:34 -0000
Subject: SUSE-SU-2026:21520-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise 16)
Message-ID: <177848877480.2501.12726835445359829874@d7d34dcee2d8>

# Security update for the Linux Kernel RT (Live Patch 7 for SUSE Linux Enterprise 16)

Announcement ID: SUSE-SU-2026:21520-1
Release Date: 2026-05-05T17:30:28Z
Rating: important

References:

* bsc#1261630
* bsc#1261845
* bsc#1263689

Cross-References:

* CVE-2026-23437
* CVE-2026-31406
* CVE-2026-31431

CVSS scores:

* CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.2

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes various security issues

The following security issues were fixed:

* CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
* CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  zypper in -t patch SUSE-SL-Micro-6.2-688=1

## Package List:

* SUSE Linux Micro 6.2 (x86_64)
  * kernel-livepatch-SLE16-RT_Update_7-debugsource-2-160000.1.1
  * kernel-livepatch-6_12_0-160000_28-rt-debuginfo-2-160000.1.1
  * kernel-livepatch-6_12_0-160000_28-rt-2-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-23437.html
* https://www.suse.com/security/cve/CVE-2026-31406.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261630
* https://bugzilla.suse.com/show_bug.cgi?id=1261845
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:39:44 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:39:44 -0000
Subject: SUSE-SU-2026:21519-1: important: Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 16)
Message-ID: <177848878447.2501.2740851382769717922@d7d34dcee2d8>

# Security update for the Linux Kernel RT (Live Patch 5 for SUSE Linux Enterprise 16)

Announcement ID: SUSE-SU-2026:21519-1
Release Date: 2026-05-05T17:18:30Z
Rating: important

References:

* bsc#1258655
* bsc#1259126
* bsc#1261630
* bsc#1261845
* bsc#1263689

Cross-References:

* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-23437
* CVE-2026-31406
* CVE-2026-31431

CVSS scores:

* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.2

An update that solves five vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues

The following security issues were fixed:

* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
* CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  zypper in -t patch SUSE-SL-Micro-6.2-687=1

## Package List:

* SUSE Linux Micro 6.2 (x86_64)
  * kernel-livepatch-SLE16-RT_Update_5-debugsource-4-160000.1.1
  * kernel-livepatch-6_12_0-160000_26-rt-debuginfo-4-160000.1.1
  * kernel-livepatch-6_12_0-160000_26-rt-4-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-23437.html
* https://www.suse.com/security/cve/CVE-2026-31406.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1261630
* https://bugzilla.suse.com/show_bug.cgi?id=1261845
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:37:52 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:37:52 -0000
Subject: SUSE-SU-2026:21530-1: important: Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 16)
Message-ID: <177848867263.2501.14254074157387037519@d7d34dcee2d8>

# Security update for the Linux Kernel (Live Patch 6 for SUSE Linux Enterprise 16)

Announcement ID: SUSE-SU-2026:21530-1
Release Date: 2026-05-05T22:36:52Z
Rating: important

References:

* bsc#1259126
* bsc#1261630
* bsc#1261845
* bsc#1263689

Cross-References:

* CVE-2026-23204
* CVE-2026-23437
* CVE-2026-31406
* CVE-2026-31431

CVSS scores:

* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.2

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.27.1 fixes various security issues

The following security issues were fixed:

* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
* CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  zypper in -t patch SUSE-SL-Micro-6.2-699=1

## Package List:

* SUSE Linux Micro 6.2 (ppc64le s390x x86_64)
  * kernel-livepatch-6_12_0-160000_27-default-debuginfo-3-160000.1.1
  * kernel-livepatch-6_12_0-160000_27-default-3-160000.1.1
  * kernel-livepatch-SLE16_Update_6-debugsource-3-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-23437.html
* https://www.suse.com/security/cve/CVE-2026-31406.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1261630
* https://bugzilla.suse.com/show_bug.cgi?id=1261845
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:40:19 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:40:19 -0000
Subject: SUSE-SU-2026:1784-1: important: Security update for php-composer2
Message-ID: <177848881959.2501.10006833968135987310@d7d34dcee2d8>

# Security update for php-composer2

Announcement ID: SUSE-SU-2026:1784-1
Release Date: 2026-05-08T17:05:56Z
Rating: important

References:

* bsc#1262254
* bsc#1262255

Cross-References:

* CVE-2026-40176
* CVE-2026-40261

CVSS scores:

* CVE-2026-40176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-40176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-40261 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-40261 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* Web and Scripting Module 15-SP7

An update that solves two vulnerabilities can now be installed.

## Description:

This update for php-composer2 fixes the following issues:

* CVE-2026-40176: arbitrary command injection via malicious Perforce repository definition (bsc#1262254).
* CVE-2026-40261: arbitrary command injection via malicious Perforce source reference/url (bsc#1262255).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2026-1784=1
* Web and Scripting Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP7-2026-1784=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1784=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1784=1

## Package List:

* openSUSE Leap 15.6 (noarch)
  * php-composer2-2.6.4-150600.3.9.1
* Web and Scripting Module 15-SP7 (noarch)
  * php-composer2-2.6.4-150600.3.9.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
  * php-composer2-2.6.4-150600.3.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
  * php-composer2-2.6.4-150600.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2026-40176.html
* https://www.suse.com/security/cve/CVE-2026-40261.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262254
* https://bugzilla.suse.com/show_bug.cgi?id=1262255

From null at suse.de Mon May 11 08:38:04 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:38:04 -0000
Subject: SUSE-SU-2026:21529-1: important: Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16)
Message-ID: <177848868465.2501.14122763420122984161@d7d34dcee2d8>

# Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16)

Announcement ID: SUSE-SU-2026:21529-1
Release Date: 2026-05-05T22:29:56Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1261630
* bsc#1261845
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-23437
* CVE-2026-31406
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.2

An update that solves seven vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
* CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  zypper in -t patch SUSE-SL-Micro-6.2-698=1

## Package List:

* SUSE Linux Micro 6.2 (x86_64)
  * kernel-livepatch-6_12_0-160000_5-rt-9-160000.3.4
  * kernel-livepatch-SLE16-RT_Update_0-debugsource-9-160000.3.4
  * kernel-livepatch-6_12_0-160000_5-rt-debuginfo-9-160000.3.4

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-23437.html
* https://www.suse.com/security/cve/CVE-2026-31406.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1261630
* https://bugzilla.suse.com/show_bug.cgi?id=1261845
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:38:16 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:38:16 -0000
Subject: SUSE-SU-2026:21528-1: important: Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16)
Message-ID: <177848869645.2501.17635060486472113020@d7d34dcee2d8>

# Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16)

Announcement ID: SUSE-SU-2026:21528-1
Release Date: 2026-05-05T22:20:12Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1261630
* bsc#1261845
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-23437
* CVE-2026-31406
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.2

An update that solves seven vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
* CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  zypper in -t patch SUSE-SL-Micro-6.2-697=1

## Package List:

* SUSE Linux Micro 6.2 (x86_64)
  * kernel-livepatch-6_12_0-160000_7-rt-6-160000.1.1
  * kernel-livepatch-SLE16-RT_Update_2-debugsource-6-160000.1.1
  * kernel-livepatch-6_12_0-160000_7-rt-debuginfo-6-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-23437.html
* https://www.suse.com/security/cve/CVE-2026-31406.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1261630
* https://bugzilla.suse.com/show_bug.cgi?id=1261845
* https://bugzilla.suse.com/show_bug.cgi?id=1263689

From null at suse.de Mon May 11 08:38:40 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 08:38:40 -0000
Subject: SUSE-SU-2026:21526-1: important: Security update for the Linux Kernel RT (Live Patch 3 for SUSE Linux Enterprise 16)
Message-ID: <177848872071.2501.90382377704966862@d7d34dcee2d8>

# Security update for the Linux Kernel RT (Live Patch 3 for SUSE Linux Enterprise 16)

Announcement ID: SUSE-SU-2026:21526-1
Release Date: 2026-05-05T20:45:33Z
Rating: important

References:

* bsc#1252048
* bsc#1258005
* bsc#1258655
* bsc#1259126
* bsc#1261630
* bsc#1261845
* bsc#1263689

Cross-References:

* CVE-2025-39977
* CVE-2025-71066
* CVE-2026-23004
* CVE-2026-23204
* CVE-2026-23437
* CVE-2026-31406
* CVE-2026-31431

CVSS scores:

* CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Micro 6.2

An update that solves seven vulnerabilities can now be installed.

## Description:

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes various security issues

The following security issues were fixed:

* CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048).
* CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005).
* CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655).
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126).
* CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845).
* CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630).
* CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.2
  zypper in -t patch SUSE-SL-Micro-6.2-695=1

## Package List:

* SUSE Linux Micro 6.2 (x86_64)
  * kernel-livepatch-6_12_0-160000_8-rt-debuginfo-5-160000.1.1
  * kernel-livepatch-6_12_0-160000_8-rt-5-160000.1.1
  * kernel-livepatch-SLE16-RT_Update_3-debugsource-5-160000.1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-39977.html
* https://www.suse.com/security/cve/CVE-2025-71066.html
* https://www.suse.com/security/cve/CVE-2026-23004.html
* https://www.suse.com/security/cve/CVE-2026-23204.html
* https://www.suse.com/security/cve/CVE-2026-23437.html
* https://www.suse.com/security/cve/CVE-2026-31406.html
* https://www.suse.com/security/cve/CVE-2026-31431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1252048
* https://bugzilla.suse.com/show_bug.cgi?id=1258005
* https://bugzilla.suse.com/show_bug.cgi?id=1258655
* https://bugzilla.suse.com/show_bug.cgi?id=1259126
* https://bugzilla.suse.com/show_bug.cgi?id=1261630
* https://bugzilla.suse.com/show_bug.cgi?id=1261845
* https://bugzilla.suse.com/show_bug.cgi?id=1263689
URL: From null at suse.de Mon May 11 08:38:51 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:38:51 -0000 Subject: SUSE-SU-2026:21525-1: important: Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16) Message-ID: <177848873184.2501.12481266717326899214@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21525-1 Release Date: 2026-05-05T20:04:45Z Rating: important References: * bsc#1258655 * bsc#1259126 * bsc#1261630 * bsc#1261845 * bsc#1263689 Cross-References: * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-31431 CVSS scores: * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 
7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves five vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues The following security issues were fixed: * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-694=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-6_12_0-160000_26-default-4-160000.1.1 * kernel-livepatch-6_12_0-160000_26-default-debuginfo-4-160000.1.1 * kernel-livepatch-SLE16_Update_5-debugsource-4-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 11 08:38:58 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:38:58 -0000 Subject: SUSE-SU-2026:21524-1: important: Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16) Message-ID: <177848873803.2501.823708876712752288@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21524-1 Release Date: 2026-05-05T20:01:32Z Rating: important References: * bsc#1261630 * bsc#1261845 * bsc#1263689 Cross-References: * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-31431 CVSS scores: * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.28.1 fixes various security issues The following security issues were fixed: * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). 
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-693=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_7-debugsource-2-160000.1.1 * kernel-livepatch-6_12_0-160000_28-default-debuginfo-2-160000.1.1 * kernel-livepatch-6_12_0-160000_28-default-2-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon May 11 08:39:09 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:39:09 -0000 Subject: SUSE-SU-2026:21523-1: important: Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) Message-ID: <177848874969.2501.16615853641736570916@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 0 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21523-1 Release Date: 2026-05-05T19:50:41Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1261630 * bsc#1261845 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves seven vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). 
* CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-692=1 ## Package List: * SUSE Linux Micro 6.2 (ppc64le s390x x86_64) * kernel-livepatch-SLE16_Update_0-debugsource-11-160000.4.3 * kernel-livepatch-6_12_0-160000_5-default-11-160000.4.3 * kernel-livepatch-6_12_0-160000_5-default-debuginfo-11-160000.4.3 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 11 08:39:28 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:39:28 -0000 Subject: SUSE-SU-2026:21521-1: important: Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise 16) Message-ID: <177848876889.2501.237693538235191354@d7d34dcee2d8> # Security update for the Linux Kernel RT (Live Patch 6 for SUSE Linux Enterprise 16) Announcement ID: SUSE-SU-2026:21521-1 Release Date: 2026-05-05T17:32:16Z Rating: important References: * bsc#1259126 * bsc#1261630 * bsc#1261845 * bsc#1263689 Cross-References: * CVE-2026-23204 * CVE-2026-23437 * CVE-2026-31406 * CVE-2026-31431 CVSS scores: * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23437 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23437 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23437 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23437 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-31406 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31406 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves four vulnerabilities can now be installed. 
## Description: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.27.1 fixes various security issues The following security issues were fixed: * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy (bsc#1261845). * CVE-2026-31406: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() (bsc#1261630). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-689=1 ## Package List: * SUSE Linux Micro 6.2 (x86_64) * kernel-livepatch-6_12_0-160000_27-rt-3-160000.1.1 * kernel-livepatch-SLE16-RT_Update_6-debugsource-3-160000.1.1 * kernel-livepatch-6_12_0-160000_27-rt-debuginfo-3-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-23437.html * https://www.suse.com/security/cve/CVE-2026-31406.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1261630 * https://bugzilla.suse.com/show_bug.cgi?id=1261845 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 11 08:39:47 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:39:47 -0000 Subject: SUSE-RU-2026:21518-1: important: Recommended update for ipmitool Message-ID: <177848878720.2501.17632639102048777946@d7d34dcee2d8> # Recommended update for ipmitool Announcement ID: SUSE-RU-2026:21518-1 Release Date: 2026-05-05T07:09:23Z Rating: important References: * bsc#1259310 Affected Products: * SUSE Linux Micro 6.2 An update that has one fix can now be installed. ## Description: This update for ipmitool fixes the following issue: Change in ipmitool: * Fix for improper PID file creation (bsc#1259310). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-679=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * ipmitool-debugsource-1.8.19.13.gbe11d94-160000.3.1 * ipmitool-1.8.19.13.gbe11d94-160000.3.1 * ipmitool-debuginfo-1.8.19.13.gbe11d94-160000.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1259310 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 11 08:39:55 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:39:55 -0000 Subject: SUSE-SU-2026:1787-1: important: Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise 15 SP6) Message-ID: <177848879583.2501.17052938336974578352@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 18 for SUSE Linux Enterprise 15 SP6) Announcement ID: SUSE-SU-2026:1787-1 Release Date: 2026-05-09T03:34:11Z Rating: important References: * bsc#1252048 * bsc#1258005 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-39977 * CVE-2025-71066 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-39977 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-39977 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-71066 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities 
can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.81 fixes various security issues. The following security issues were fixed: * CVE-2025-39977: futex: Prevent use-after-free during requeue-PI (bsc#1252048). * CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (bsc#1258005). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1787=1 SUSE-2026-1788=1 SUSE-2026-1789=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1787=1 SUSE-SLE-Module-Live-Patching-15-SP6-2026-1788=1 SUSE-SLE-Module-Live-Patching-15-SP6-2026-1789=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_14-debugsource-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_81-default-debuginfo-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_70-default-debuginfo-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_15-debugsource-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_81-default-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_70-default-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_65-default-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_65-default-debuginfo-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_18-debugsource-5-150600.2.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_14-debugsource-10-150600.2.1 *
kernel-livepatch-6_4_0-150600_23_81-default-debuginfo-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_70-default-debuginfo-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_15-debugsource-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_81-default-5-150600.2.1 * kernel-livepatch-6_4_0-150600_23_70-default-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_65-default-10-150600.2.1 * kernel-livepatch-6_4_0-150600_23_65-default-debuginfo-10-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_18-debugsource-5-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-39977.html * https://www.suse.com/security/cve/CVE-2025-71066.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1252048 * https://bugzilla.suse.com/show_bug.cgi?id=1258005 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 11 08:40:01 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:40:01 -0000 Subject: SUSE-SU-2026:1786-1: important: Security update for the Linux Kernel (Live Patch 77 for SUSE Linux Enterprise 12 SP5) Message-ID: <177848880180.2501.15934094433437119976@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 77 for SUSE Linux Enterprise 12 SP5) Announcement ID: SUSE-SU-2026:1786-1 Release Date: 2026-05-08T22:45:05Z Rating: important References: * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 4.12.14-122.293 fixes various security issues The following security issues were fixed: * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). 
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-1786=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_293-default-5-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Mon May 11 08:40:08 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:40:08 -0000 Subject: SUSE-SU-2026:1781-1: important: Security update for the Linux Kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5) Message-ID: <177848880801.2501.1874548300441783677@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 75 for SUSE Linux Enterprise 12 SP5) Announcement ID: SUSE-SU-2026:1781-1 Release Date: 2026-05-08T17:04:18Z Rating: important References: * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise kernel 4.12.14-122.283 fixes various security issues The following security issues were fixed: * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). 
* CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-1781=1 SUSE-SLE-Live-Patching-12-SP5-2026-1782=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_280-default-6-2.1 * kgraft-patch-4_12_14-122_283-default-6-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed...
URL: From null at suse.de Mon May 11 08:40:15 2026 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 May 2026 08:40:15 -0000 Subject: SUSE-SU-2026:1780-1: important: Security update for the Linux Kernel (Live Patch 67 for SUSE Linux Enterprise 12 SP5) Message-ID: <177848881514.2501.7265309071385279286@d7d34dcee2d8> # Security update for the Linux Kernel (Live Patch 67 for SUSE Linux Enterprise 12 SP5) Announcement ID: SUSE-SU-2026:1780-1 Release Date: 2026-05-08T17:04:05Z Rating: important References: * bsc#1258073 * bsc#1258655 * bsc#1259126 * bsc#1263689 Cross-References: * CVE-2025-38375 * CVE-2026-23004 * CVE-2026-23204 * CVE-2026-31431 CVSS scores: * CVE-2025-38375 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38375 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38375 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23004 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23004 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-23204 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-23204 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-23204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2026-31431 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-31431 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. 
## Description: This update for the SUSE Linux Enterprise kernel 4.12.14-122.255 fixes various security issues The following security issues were fixed: * CVE-2025-38375: virtio-net: ensure the received length does not exceed allocated size (bsc#1258073). * CVE-2026-23004: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (bsc#1258655). * CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (bsc#1259126). * CVE-2026-31431: crypto: algif_aead - Revert to operating out-of-place (bsc#1263689). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2026-1780=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_255-default-17-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38375.html * https://www.suse.com/security/cve/CVE-2026-23004.html * https://www.suse.com/security/cve/CVE-2026-23204.html * https://www.suse.com/security/cve/CVE-2026-31431.html * https://bugzilla.suse.com/show_bug.cgi?id=1258073 * https://bugzilla.suse.com/show_bug.cgi?id=1258655 * https://bugzilla.suse.com/show_bug.cgi?id=1259126 * https://bugzilla.suse.com/show_bug.cgi?id=1263689 -------------- next part -------------- An HTML attachment was scrubbed... 

From null at suse.de Mon May 11 12:30:18 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 12:30:18 -0000
Subject: SUSE-RU-2026:21578-1: moderate: Recommended update 5.1.3.1 for Multi-Linux Manager
Message-ID: <177850261859.2725.9100471941843818254@a63bbe94e1a3>

# Recommended update 5.1.3.1 for Multi-Linux Manager

Announcement ID: SUSE-RU-2026:21578-1
Release Date: 2026-04-30T09:57:03Z
Rating: moderate

References:

* bsc#1262760
* bsc#1263007

Affected Products:

* SUSE Linux Micro 6.1
* SUSE Multi-Linux Manager Proxy 5.1
* SUSE Multi-Linux Manager Retail Branch Server 5.1
* SUSE Multi-Linux Manager Server 5.1

An update that has two fixes can now be installed.

## Description:

This update fixes the following issues:

proxy-httpd-image:

* Version 5.1.15
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

proxy-salt-broker-image:

* Version 5.1.14
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

proxy-squid-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

proxy-ssh-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

proxy-tftpd-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

server-attestation-image:

* Version 5.1.14
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

server-hub-xmlrpc-api-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

server-image:

* Version 5.1.14
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

server-migration-14-16-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

server-postgresql-image:

* Version 5.1.12
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

server-saline-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

uyuni-tools:

* Version 5.1.27-0
* Update the default tag to 5.1.3.1 (bsc#1262760)

The following packages are underlying build dependencies and system components used by the containers:

spacewalk-java:

* version 5.1.25-0
* Add the RHEL10 installer generation type (bsc#1263007)

spacewalk-web:

* Version 5.1.20-0
* Update WebUI version to 5.1.3.1 (bsc#1262760)

susemanager:

* Version 5.1.16-0
* Add missing RHEL10 / SUSE Liberty Linux 10 (bsc#1262760)

susemanager-schema:

* version 5.1.18-0
* Add the RHEL10 installer generation type (bsc#1263007)

How to apply this update:

SUSE Multi-Linux Manager Server:

1. Log in as root user to the SUSE Multi-Linux Manager Server.
2. Upgrade mgradm and mgrctl.
3. If you are in a disconnected environment, upgrade the image packages.
4. Reboot the system.
5. Run `mgradm upgrade podman` which will use the default image tags.

SUSE Multi-Linux Manager Proxy / Retail Branch Server:

1. Log in as root user to the SUSE Multi-Linux Manager Proxy / Retail Branch Server.
2. Upgrade mgrpxy.
3. If you are in a disconnected environment, upgrade the image packages.
4. Reboot the system.
5. Run `mgrpxy upgrade podman` which will use the default image tags.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Multi-Linux Manager Proxy 5.1
  zypper in -t patch SUSE-Multi-Linux-Manager-5.1-7=1
* SUSE Multi-Linux Manager Retail Branch Server 5.1
  zypper in -t patch SUSE-Multi-Linux-Manager-5.1-7=1
* SUSE Multi-Linux Manager Server 5.1
  zypper in -t patch SUSE-Multi-Linux-Manager-5.1-7=1

## Package List:

* SUSE Multi-Linux Manager Proxy 5.1 (aarch64 x86_64)
  * mgrpxy-debuginfo-5.1.27-slfo.1.1.1
  * mgrpxy-5.1.27-slfo.1.1.1
* SUSE Multi-Linux Manager Proxy 5.1 (noarch)
  * mgrpxy-bash-completion-5.1.26-slfo.1.1.1
  * mgrpxy-zsh-completion-5.1.26-slfo.1.1.1
  * mgrpxy-lang-5.1.27-slfo.1.1.1
  * mgrpxy-zsh-completion-5.1.27-slfo.1.1.1
  * mgrpxy-lang-5.1.26-slfo.1.1.1
  * mgrpxy-bash-completion-5.1.27-slfo.1.1.1
* SUSE Multi-Linux Manager Proxy 5.1 (aarch64)
  * suse-multi-linux-manager-5.1-aarch64-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-aarch64-proxy-httpd-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-aarch64-proxy-tftpd-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-aarch64-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-aarch64-proxy-squid-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Proxy 5.1 (ppc64le s390x)
  * mgrpxy-5.1.26-slfo.1.1.1
  * mgrpxy-debuginfo-5.1.26-slfo.1.1.1
* SUSE Multi-Linux Manager Proxy 5.1 (ppc64le)
  * suse-multi-linux-manager-5.1-ppc64le-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-ppc64le-proxy-squid-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-ppc64le-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-ppc64le-proxy-httpd-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-ppc64le-proxy-tftpd-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Proxy 5.1 (s390x)
  * suse-multi-linux-manager-5.1-s390x-proxy-httpd-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-s390x-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-s390x-proxy-squid-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-s390x-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-s390x-proxy-tftpd-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Proxy 5.1 (x86_64)
  * suse-multi-linux-manager-5.1-x86_64-proxy-squid-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-x86_64-proxy-tftpd-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-proxy-httpd-image-5.1.3.1-8.19.2
* SUSE Multi-Linux Manager Retail Branch Server 5.1 (aarch64 x86_64)
  * mgrpxy-debuginfo-5.1.27-slfo.1.1.1
  * mgrpxy-5.1.27-slfo.1.1.1
* SUSE Multi-Linux Manager Retail Branch Server 5.1 (noarch)
  * mgrpxy-bash-completion-5.1.26-slfo.1.1.1
  * mgrpxy-zsh-completion-5.1.26-slfo.1.1.1
  * mgrpxy-lang-5.1.27-slfo.1.1.1
  * mgrpxy-zsh-completion-5.1.27-slfo.1.1.1
  * mgrpxy-lang-5.1.26-slfo.1.1.1
  * mgrpxy-bash-completion-5.1.27-slfo.1.1.1
* SUSE Multi-Linux Manager Retail Branch Server 5.1 (aarch64)
  * suse-multi-linux-manager-5.1-aarch64-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-aarch64-proxy-httpd-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-aarch64-proxy-tftpd-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-aarch64-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-aarch64-proxy-squid-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Retail Branch Server 5.1 (ppc64le s390x)
  * mgrpxy-5.1.26-slfo.1.1.1
  * mgrpxy-debuginfo-5.1.26-slfo.1.1.1
* SUSE Multi-Linux Manager Retail Branch Server 5.1 (ppc64le)
  * suse-multi-linux-manager-5.1-ppc64le-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-ppc64le-proxy-squid-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-ppc64le-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-ppc64le-proxy-httpd-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-ppc64le-proxy-tftpd-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Retail Branch Server 5.1 (s390x)
  * suse-multi-linux-manager-5.1-s390x-proxy-httpd-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-s390x-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-s390x-proxy-squid-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-s390x-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-s390x-proxy-tftpd-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Retail Branch Server 5.1 (x86_64)
  * suse-multi-linux-manager-5.1-x86_64-proxy-squid-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-x86_64-proxy-tftpd-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-proxy-httpd-image-5.1.3.1-8.19.2
* SUSE Multi-Linux Manager Server 5.1 (aarch64 x86_64)
  * mgrctl-debuginfo-5.1.27-slfo.1.1.1
  * mgradm-5.1.27-slfo.1.1.1
  * mgradm-debuginfo-5.1.27-slfo.1.1.1
  * mgrctl-5.1.27-slfo.1.1.1
* SUSE Multi-Linux Manager Server 5.1 (noarch)
  * mgrctl-lang-5.1.26-slfo.1.1.1
  * mgradm-bash-completion-5.1.26-slfo.1.1.1
  * mgrctl-lang-5.1.27-slfo.1.1.1
  * mgradm-bash-completion-5.1.27-slfo.1.1.1
  * mgradm-zsh-completion-5.1.27-slfo.1.1.1
  * mgradm-zsh-completion-5.1.26-slfo.1.1.1
  * mgrctl-bash-completion-5.1.27-slfo.1.1.1
  * mgrctl-zsh-completion-5.1.26-slfo.1.1.1
  * mgrctl-bash-completion-5.1.26-slfo.1.1.1
  * mgradm-lang-5.1.27-slfo.1.1.1
  * mgradm-lang-5.1.26-slfo.1.1.1
  * mgrctl-zsh-completion-5.1.27-slfo.1.1.1
* SUSE Multi-Linux Manager Server 5.1 (aarch64)
  * suse-multi-linux-manager-5.1-aarch64-server-attestation-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-aarch64-server-saline-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-aarch64-server-hub-xmlrpc-api-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-aarch64-server-migration-14-16-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-aarch64-server-postgresql-image-5.1.3.1-6.19.1
  * suse-multi-linux-manager-5.1-aarch64-server-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Server 5.1 (ppc64le s390x)
  * mgradm-5.1.26-slfo.1.1.1
  * mgrctl-debuginfo-5.1.26-slfo.1.1.1
  * mgrctl-5.1.26-slfo.1.1.1
  * mgradm-debuginfo-5.1.26-slfo.1.1.1
* SUSE Multi-Linux Manager Server 5.1 (ppc64le)
  * suse-multi-linux-manager-5.1-ppc64le-server-image-5.1.3-8.14.18
  * suse-multi-linux-manager-5.1-ppc64le-server-attestation-image-5.1.3-8.16.7
  * suse-multi-linux-manager-5.1-ppc64le-server-postgresql-image-5.1.3-6.16.2
  * suse-multi-linux-manager-5.1-ppc64le-server-saline-image-5.1.3-9.14.13
  * suse-multi-linux-manager-5.1-ppc64le-server-migration-14-16-image-5.1.3-8.14.8
  * suse-multi-linux-manager-5.1-ppc64le-server-hub-xmlrpc-api-image-5.1.3-8.14.9
* SUSE Multi-Linux Manager Server 5.1 (s390x)
  * suse-multi-linux-manager-5.1-s390x-server-hub-xmlrpc-api-image-5.1.3-8.14.9
  * suse-multi-linux-manager-5.1-s390x-server-migration-14-16-image-5.1.3-8.14.8
  * suse-multi-linux-manager-5.1-s390x-server-attestation-image-5.1.3-8.16.7
  * suse-multi-linux-manager-5.1-s390x-server-saline-image-5.1.3-9.14.13
  * suse-multi-linux-manager-5.1-s390x-server-postgresql-image-5.1.3-6.16.2
  * suse-multi-linux-manager-5.1-s390x-server-image-5.1.3-8.14.18
* SUSE Multi-Linux Manager Server 5.1 (x86_64)
  * suse-multi-linux-manager-5.1-x86_64-server-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-server-attestation-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-x86_64-server-migration-14-16-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-server-saline-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-x86_64-server-postgresql-image-5.1.3.1-6.19.1
  * suse-multi-linux-manager-5.1-x86_64-server-hub-xmlrpc-api-image-5.1.3.1-8.17.2

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1262760
* https://bugzilla.suse.com/show_bug.cgi?id=1263007

From null at suse.de Mon May 11 12:30:28 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 12:30:28 -0000
Subject: SUSE-RU-2026:1807-1: moderate: Maintenance update for Multi-Linux Manager 5.1: Server, Proxy and Retail Branch Server
Message-ID: <177850262825.2725.14439908222661465443@a63bbe94e1a3>

# Maintenance update for Multi-Linux Manager 5.1: Server, Proxy and Retail Branch Server

Announcement ID: SUSE-RU-2026:1807-1
Release Date: 2026-05-11T06:03:11Z
Rating: moderate

References:

* bsc#1262760
* bsc#1263007
* jsc#MSQA-1054

Affected Products:

* SUSE Linux Enterprise Server 15 SP7
* SUSE Multi-Linux Manager Proxy 5.1 Extension for SLE
* SUSE Multi-Linux Manager Retail Branch Server 5.1 Extension for SLE
* SUSE Multi-Linux Manager Server 5.1 Extension for SLE

An update that contains one feature and has two fixes can now be installed.

## Recommended update 5.1.3.1 for Multi-Linux Manager Proxy

### Description:

This update fixes the following issues:

proxy-httpd-image:

* Version 5.1.15
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

proxy-salt-broker-image:

* Version 5.1.14
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

proxy-squid-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

proxy-ssh-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

proxy-tftpd-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

uyuni-tools:

* Version 5.1.27-0
* Update the default tag to 5.1.3.1 (bsc#1262760)

The following packages are underlying build dependencies and system components used by the containers:

spacewalk-web:

* Version 5.1.20-0
* Update WebUI version to 5.1.3.1 (bsc#1262760)

How to apply this update:

1. Log in as root user to the SUSE Multi-Linux Manager Proxy.
2. Upgrade mgrpxy.
3. If you are in a disconnected environment, upgrade the image packages.
4. Reboot the system.
5. Run `mgrpxy upgrade podman` which will use the default image tags.

## Recommended update 5.1.3.1 for Multi-Linux Manager Retail Branch Server

### Description:

This update fixes the following issues:

proxy-httpd-image:

* Version 5.1.15
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

proxy-salt-broker-image:

* Version 5.1.14
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

proxy-squid-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

proxy-ssh-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

proxy-tftpd-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

uyuni-tools:

* Version 5.1.27-0
* Update the default tag to 5.1.3.1 (bsc#1262760)

The following packages are underlying build dependencies and system components used by the containers:

spacewalk-web:

* Version 5.1.20-0
* Update WebUI version to 5.1.3.1 (bsc#1262760)

How to apply this update:

1. Log in as root user to the SUSE Multi-Linux Manager Retail Branch Server.
2. Upgrade mgrpxy.
3. If you are in a disconnected environment, upgrade the image packages.
4. Reboot the system.
5. Run `mgrpxy upgrade podman` which will use the default image tags.

## Recommended update 5.1.3.1 for Multi-Linux Manager Server

### Description:

This update fixes the following issues:

server-attestation-image:

* Version 5.1.14
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

server-hub-xmlrpc-api-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

server-image:

* Version 5.1.14
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

server-migration-14-16-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

server-postgresql-image:

* Version 5.1.12
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

server-saline-image:

* Version 5.1.13
* Image rebuilt to the newest version with updated dependencies for SUSE Multi-Linux Manager 5.1.3.1

uyuni-tools:

* Version 5.1.27-0
* Update the default tag to 5.1.3.1 (bsc#1262760)

The following packages are underlying build dependencies and system components used by the containers:

spacewalk-java:

* Version 5.1.25-0
* Add the RHEL10 installer generation type (bsc#1263007)

spacewalk-web:

* Version 5.1.20-0
* Update WebUI version to 5.1.3.1 (bsc#1262760)

susemanager:

* Version 5.1.16-0
* Add missing RHEL10 / SUSE Liberty Linux 10 (bsc#1262760)

susemanager-schema:

* Version 5.1.18-0
* Add the RHEL10 installer generation type (bsc#1263007)

How to apply this update:

1. Log in as root user to the SUSE Multi-Linux Manager Server.
2. Upgrade mgradm and mgrctl.
3. If you are in a disconnected environment, upgrade the image packages.
4. Reboot the system.
5. Run `mgradm upgrade podman` which will use the default image tags.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Multi-Linux Manager Proxy 5.1 Extension for SLE
  zypper in -t patch SUSE-Multi-Linux-Manager-Proxy-SLE-5.1-2026-1807=1
* SUSE Multi-Linux Manager Retail Branch Server 5.1 Extension for SLE
  zypper in -t patch SUSE-Multi-Linux-Manager-Retail-Branch-Server-SLE-5.1-2026-1807=1
* SUSE Multi-Linux Manager Server 5.1 Extension for SLE
  zypper in -t patch SUSE-Multi-Linux-Manager-Server-SLE-5.1-2026-1807=1

## Package List:

* SUSE Multi-Linux Manager Proxy 5.1 Extension for SLE (aarch64 ppc64le s390x x86_64)
  * mgrpxy-debuginfo-5.1.27-150700.3.21.1
  * mgrpxy-5.1.27-150700.3.21.1
* SUSE Multi-Linux Manager Proxy 5.1 Extension for SLE (noarch)
  * mgrpxy-bash-completion-5.1.27-150700.3.21.1
  * mgrpxy-zsh-completion-5.1.27-150700.3.21.1
  * mgrpxy-lang-5.1.27-150700.3.21.1
* SUSE Multi-Linux Manager Proxy 5.1 Extension for SLE (aarch64)
  * suse-multi-linux-manager-5.1-aarch64-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-aarch64-proxy-httpd-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-aarch64-proxy-tftpd-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-aarch64-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-aarch64-proxy-squid-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Proxy 5.1 Extension for SLE (ppc64le)
  * suse-multi-linux-manager-5.1-ppc64le-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-ppc64le-proxy-squid-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-ppc64le-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-ppc64le-proxy-httpd-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-ppc64le-proxy-tftpd-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Proxy 5.1 Extension for SLE (s390x)
  * suse-multi-linux-manager-5.1-s390x-proxy-httpd-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-s390x-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-s390x-proxy-squid-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-s390x-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-s390x-proxy-tftpd-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Proxy 5.1 Extension for SLE (x86_64)
  * suse-multi-linux-manager-5.1-x86_64-proxy-squid-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-x86_64-proxy-tftpd-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-proxy-httpd-image-5.1.3.1-8.19.2
* SUSE Multi-Linux Manager Retail Branch Server 5.1 Extension for SLE (aarch64 ppc64le s390x x86_64)
  * mgrpxy-debuginfo-5.1.27-150700.3.21.1
  * mgrpxy-5.1.27-150700.3.21.1
* SUSE Multi-Linux Manager Retail Branch Server 5.1 Extension for SLE (noarch)
  * mgrpxy-bash-completion-5.1.27-150700.3.21.1
  * mgrpxy-zsh-completion-5.1.27-150700.3.21.1
  * mgrpxy-lang-5.1.27-150700.3.21.1
* SUSE Multi-Linux Manager Retail Branch Server 5.1 Extension for SLE (aarch64)
  * suse-multi-linux-manager-5.1-aarch64-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-aarch64-proxy-httpd-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-aarch64-proxy-tftpd-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-aarch64-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-aarch64-proxy-squid-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Retail Branch Server 5.1 Extension for SLE (ppc64le)
  * suse-multi-linux-manager-5.1-ppc64le-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-ppc64le-proxy-squid-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-ppc64le-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-ppc64le-proxy-httpd-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-ppc64le-proxy-tftpd-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Retail Branch Server 5.1 Extension for SLE (s390x)
  * suse-multi-linux-manager-5.1-s390x-proxy-httpd-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-s390x-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-s390x-proxy-squid-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-s390x-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-s390x-proxy-tftpd-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Retail Branch Server 5.1 Extension for SLE (x86_64)
  * suse-multi-linux-manager-5.1-x86_64-proxy-squid-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-proxy-salt-broker-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-x86_64-proxy-tftpd-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-proxy-ssh-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-proxy-httpd-image-5.1.3.1-8.19.2
* SUSE Multi-Linux Manager Server 5.1 Extension for SLE (aarch64 ppc64le s390x x86_64)
  * mgrctl-5.1.27-150700.3.21.1
  * mgradm-5.1.27-150700.3.21.1
  * mgrctl-debuginfo-5.1.27-150700.3.21.1
  * mgradm-debuginfo-5.1.27-150700.3.21.1
* SUSE Multi-Linux Manager Server 5.1 Extension for SLE (noarch)
  * mgrctl-lang-5.1.27-150700.3.21.1
  * mgradm-lang-5.1.27-150700.3.21.1
  * mgradm-bash-completion-5.1.27-150700.3.21.1
  * mgrctl-bash-completion-5.1.27-150700.3.21.1
  * mgrctl-zsh-completion-5.1.27-150700.3.21.1
  * mgradm-zsh-completion-5.1.27-150700.3.21.1
* SUSE Multi-Linux Manager Server 5.1 Extension for SLE (aarch64)
  * suse-multi-linux-manager-5.1-aarch64-server-attestation-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-aarch64-server-saline-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-aarch64-server-hub-xmlrpc-api-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-aarch64-server-migration-14-16-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-aarch64-server-postgresql-image-5.1.3.1-6.19.1
  * suse-multi-linux-manager-5.1-aarch64-server-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Server 5.1 Extension for SLE (ppc64le)
  * suse-multi-linux-manager-5.1-ppc64le-server-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-ppc64le-server-migration-14-16-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-ppc64le-server-postgresql-image-5.1.3.1-6.19.1
  * suse-multi-linux-manager-5.1-ppc64le-server-attestation-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-ppc64le-server-saline-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-ppc64le-server-hub-xmlrpc-api-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Server 5.1 Extension for SLE (s390x)
  * suse-multi-linux-manager-5.1-s390x-server-saline-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-s390x-server-migration-14-16-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-s390x-server-attestation-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-s390x-server-postgresql-image-5.1.3.1-6.19.1
  * suse-multi-linux-manager-5.1-s390x-server-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-s390x-server-hub-xmlrpc-api-image-5.1.3.1-8.17.2
* SUSE Multi-Linux Manager Server 5.1 Extension for SLE (x86_64)
  * suse-multi-linux-manager-5.1-x86_64-server-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-server-attestation-image-5.1.3.1-8.19.2
  * suse-multi-linux-manager-5.1-x86_64-server-migration-14-16-image-5.1.3.1-8.17.2
  * suse-multi-linux-manager-5.1-x86_64-server-saline-image-5.1.3.1-9.17.3
  * suse-multi-linux-manager-5.1-x86_64-server-postgresql-image-5.1.3.1-6.19.1
  * suse-multi-linux-manager-5.1-x86_64-server-hub-xmlrpc-api-image-5.1.3.1-8.17.2

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1262760
* https://bugzilla.suse.com/show_bug.cgi?id=1263007
* https://jira.suse.com/browse/MSQA-1054

From null at suse.de Mon May 11 20:30:02 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 20:30:02 -0000
Subject: SUSE-RU-2026:1814-1: moderate: Recommended update for suse-build-key
Message-ID: <177853140264.54.4420458536484183345@71ddaef85c29>

# Recommended update for suse-build-key

Announcement ID: SUSE-RU-2026:1814-1
Release Date: 2026-05-11T15:17:43Z
Rating: moderate

References:

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that can now be installed.

## Description:

This update for suse-build-key fixes the following issues:

* Import all keys if they are not yet in the RPM db.
* Added post quantum cryptographic keys for SLES 15 and SLES 16:
  * build-pqc-15.pem
  * build-pqc-16.pem

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2026-1814=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2026-1814=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2026-1814=1
* Basesystem Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1814=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1814=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1814=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1814=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1814=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1814=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1814=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1814=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1814=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1814=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1814=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1814=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1814=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2026-1814=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2026-1814=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2026-1814=1

## Package List:

* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* Basesystem Module 15-SP7 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise Micro 5.2 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* openSUSE Leap 15.6 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
  * suse-build-key-12.0-150000.8.64.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
  * suse-build-key-12.0-150000.8.64.1

From null at suse.de Mon May 11 20:30:07 2026
From: null at suse.de (SLE-UPDATES)
Date: Mon, 11 May 2026 20:30:07 -0000
Subject: SUSE-RU-2026:1813-1: important: Recommended update for net-snmp
Message-ID: <177853140770.54.9377640692497413976@71ddaef85c29>

# Recommended update for net-snmp

Announcement ID: SUSE-RU-2026:1813-1
Release Date: 2026-05-11T13:18:47Z
Rating: important

References:

* bsc#1232030

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that has one fix can now be installed.

## Description:

This update for net-snmp fixes the following issues:

* Roll back logrotate fix, as the `systemctl try-reload-or-restart` functionality is not available in systemd 228 (bsc#1232030).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-1813=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1813=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * libsnmp40-debuginfo-5.9.4-14.14.1
  * net-snmp-5.9.4-14.14.1
  * net-snmp-debugsource-5.9.4-14.14.1
  * net-snmp-debuginfo-5.9.4-14.14.1
  * libsnmp40-5.9.4-14.14.1
  * snmp-mibs-5.9.4-14.14.1
  * perl-SNMP-debuginfo-5.9.4-14.14.1
  * perl-SNMP-5.9.4-14.14.1
  * net-snmp-devel-5.9.4-14.14.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64)
  * libsnmp40-32bit-5.9.4-14.14.1
  * libsnmp40-debuginfo-32bit-5.9.4-14.14.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * libsnmp40-debuginfo-5.9.4-14.14.1
  * net-snmp-5.9.4-14.14.1
  * net-snmp-debugsource-5.9.4-14.14.1
  * net-snmp-debuginfo-5.9.4-14.14.1
  * libsnmp40-32bit-5.9.4-14.14.1
  * libsnmp40-5.9.4-14.14.1
  * snmp-mibs-5.9.4-14.14.1
  * net-snmp-devel-5.9.4-14.14.1
  * perl-SNMP-debuginfo-5.9.4-14.14.1
  * perl-SNMP-5.9.4-14.14.1
  * libsnmp40-debuginfo-32bit-5.9.4-14.14.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1232030
URL: From null at suse.de Wed May 13 16:30:12 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 May 2026 16:30:12 -0000 Subject: SUSE-SU-2026:1825-1: important: Security update for the Linux Kernel Message-ID: <177868981272.1208.2601627064127053262@e3afc95ed2e8> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:1825-1 Release Date: 2026-05-12T09:00:07Z Rating: important References: * bsc#1264449 Cross-References: * CVE-2026-43284 CVSS scores: * CVE-2026-43284 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43284 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * Development Tools Module 15-SP7 * Legacy Module 15-SP7 * Public Cloud Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Availability Extension 15 SP7 * SUSE Linux Enterprise Live Patching 15-SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 An update that solves one vulnerability can now be installed. ## Description: The SUSE Linux Enterprise 15 SP7 kernel was updated to fix the following issue: * CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags (bsc#1264449). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1825=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-1825=1 * SUSE Linux Enterprise Live Patching 15-SP7 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP7-2026-1825=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * Development Tools Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-1825=1 * Legacy Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP7-2026-1825=1 * Public Cloud Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP7-2026-1825=1 * SUSE Linux Enterprise High Availability Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-HA-15-SP7-2026-1825=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 nosrc) * kernel-64kb-6.4.0-150700.53.45.1 * Basesystem Module 15-SP7 (aarch64) * kernel-64kb-devel-6.4.0-150700.53.45.1 * kernel-64kb-devel-debuginfo-6.4.0-150700.53.45.1 * kernel-64kb-debugsource-6.4.0-150700.53.45.1 * kernel-64kb-debuginfo-6.4.0-150700.53.45.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150700.53.45.1 * Basesystem Module 15-SP7 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150700.53.45.1.150700.17.29.2 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-6.4.0-150700.53.45.1 * kernel-default-debugsource-6.4.0-150700.53.45.1 * kernel-default-devel-debuginfo-6.4.0-150700.53.45.1 * kernel-default-debuginfo-6.4.0-150700.53.45.1 * Basesystem Module 15-SP7 (noarch) * kernel-macros-6.4.0-150700.53.45.1 * kernel-devel-6.4.0-150700.53.45.1 * Basesystem Module 15-SP7 (nosrc s390x) * kernel-zfcpdump-6.4.0-150700.53.45.1 * Basesystem Module 15-SP7 (s390x) * kernel-zfcpdump-debugsource-6.4.0-150700.53.45.1 * 
kernel-zfcpdump-debuginfo-6.4.0-150700.53.45.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * kernel-default-extra-debuginfo-6.4.0-150700.53.45.1 * kernel-default-debugsource-6.4.0-150700.53.45.1 * kernel-default-debuginfo-6.4.0-150700.53.45.1 * kernel-default-extra-6.4.0-150700.53.45.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (nosrc) * kernel-default-6.4.0-150700.53.45.1 * SUSE Linux Enterprise Live Patching 15-SP7 (nosrc) * kernel-default-6.4.0-150700.53.45.1 * SUSE Linux Enterprise Live Patching 15-SP7 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150700_53_45-default-1-150700.15.3.2 * kernel-default-debugsource-6.4.0-150700.53.45.1 * kernel-livepatch-SLE15-SP7_Update_13-debugsource-1-150700.15.3.2 * kernel-livepatch-6_4_0-150700_53_45-default-debuginfo-1-150700.15.3.2 * kernel-default-livepatch-devel-6.4.0-150700.53.45.1 * kernel-default-livepatch-6.4.0-150700.53.45.1 * kernel-default-debuginfo-6.4.0-150700.53.45.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-6.4.0-150700.53.45.1 * kernel-syms-6.4.0-150700.53.45.1 * kernel-obs-build-6.4.0-150700.53.45.1 * Development Tools Module 15-SP7 (noarch nosrc) * kernel-docs-6.4.0-150700.53.45.1 * Development Tools Module 15-SP7 (noarch) * kernel-source-6.4.0-150700.53.45.1 * Legacy Module 15-SP7 (nosrc) * kernel-default-6.4.0-150700.53.45.1 * Legacy Module 15-SP7 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-debuginfo-6.4.0-150700.53.45.1 * kernel-default-debugsource-6.4.0-150700.53.45.1 * kernel-default-debuginfo-6.4.0-150700.53.45.1 * reiserfs-kmp-default-6.4.0-150700.53.45.1 * Public Cloud Module 15-SP7 (aarch64 nosrc x86_64) * kernel-azure-6.4.0-150700.53.45.1 * Public Cloud Module 15-SP7 (aarch64 x86_64) * kernel-azure-devel-debuginfo-6.4.0-150700.53.45.1 * kernel-azure-devel-6.4.0-150700.53.45.1 * kernel-azure-debugsource-6.4.0-150700.53.45.1 * kernel-azure-debuginfo-6.4.0-150700.53.45.1 * SUSE Linux Enterprise High 
Availability Extension 15 SP7 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-6.4.0-150700.53.45.1 * kernel-default-debugsource-6.4.0-150700.53.45.1 * ocfs2-kmp-default-debuginfo-6.4.0-150700.53.45.1 * gfs2-kmp-default-6.4.0-150700.53.45.1 * ocfs2-kmp-default-6.4.0-150700.53.45.1 * gfs2-kmp-default-debuginfo-6.4.0-150700.53.45.1 * kernel-default-debuginfo-6.4.0-150700.53.45.1 * dlm-kmp-default-6.4.0-150700.53.45.1 * cluster-md-kmp-default-debuginfo-6.4.0-150700.53.45.1 * dlm-kmp-default-debuginfo-6.4.0-150700.53.45.1 * SUSE Linux Enterprise High Availability Extension 15 SP7 (nosrc) * kernel-default-6.4.0-150700.53.45.1 ## References: * https://www.suse.com/security/cve/CVE-2026-43284.html * https://bugzilla.suse.com/show_bug.cgi?id=1264449
From null at suse.de Wed May 13 16:30:22 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 May 2026 16:30:22 -0000 Subject: SUSE-SU-2026:1840-1: important: Security update for the Linux Kernel Message-ID: <177868982253.1208.15540676333942908004@e3afc95ed2e8> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2026:1840-1 Release Date: 2026-05-13T10:05:24Z Rating: important References: * bsc#1264449 * bsc#1264450 Cross-References: * CVE-2026-43284 * CVE-2026-43500 CVSS scores: * CVE-2026-43284 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43284 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43500 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-43500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-43500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise
Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 kernel was updated to fix the following issues: * CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags (bsc#1264449). * CVE-2026-43500: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present (bsc#1264450). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1840=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2026-1840=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1840=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1840=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1840=1 ## Package List: * openSUSE Leap 15.6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.103.1 * openSUSE Leap 15.6 (noarch) * kernel-macros-6.4.0-150600.23.103.1 * kernel-source-vanilla-6.4.0-150600.23.103.1 * kernel-source-6.4.0-150600.23.103.1 * kernel-docs-html-6.4.0-150600.23.103.1 * kernel-devel-6.4.0-150600.23.103.1 * openSUSE Leap 15.6 (nosrc ppc64le x86_64) * kernel-debug-6.4.0-150600.23.103.1 * openSUSE Leap 15.6 (ppc64le x86_64) * kernel-debug-debugsource-6.4.0-150600.23.103.1 * kernel-debug-devel-6.4.0-150600.23.103.1 * kernel-debug-devel-debuginfo-6.4.0-150600.23.103.1 * kernel-debug-debuginfo-6.4.0-150600.23.103.1 * openSUSE Leap 15.6 (x86_64) * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.103.1 *
kernel-debug-vdso-debuginfo-6.4.0-150600.23.103.1 * kernel-default-vdso-6.4.0-150600.23.103.1 * kernel-debug-vdso-6.4.0-150600.23.103.1 * kernel-default-vdso-debuginfo-6.4.0-150600.23.103.1 * kernel-kvmsmall-vdso-6.4.0-150600.23.103.1 * openSUSE Leap 15.6 (aarch64) * dtb-hisilicon-6.4.0-150600.23.103.1 * dtb-arm-6.4.0-150600.23.103.1 * dtb-mediatek-6.4.0-150600.23.103.1 * reiserfs-kmp-64kb-6.4.0-150600.23.103.1 * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.103.1 * dtb-amazon-6.4.0-150600.23.103.1 * kernel-64kb-devel-6.4.0-150600.23.103.1 * dtb-altera-6.4.0-150600.23.103.1 * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.103.1 * dtb-broadcom-6.4.0-150600.23.103.1 * dtb-nvidia-6.4.0-150600.23.103.1 * dtb-renesas-6.4.0-150600.23.103.1 * dtb-apm-6.4.0-150600.23.103.1 * dtb-rockchip-6.4.0-150600.23.103.1 * kernel-64kb-extra-6.4.0-150600.23.103.1 * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.103.1 * dlm-kmp-64kb-6.4.0-150600.23.103.1 * cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.103.1 * kernel-64kb-debuginfo-6.4.0-150600.23.103.1 * gfs2-kmp-64kb-6.4.0-150600.23.103.1 * dtb-amd-6.4.0-150600.23.103.1 * dtb-cavium-6.4.0-150600.23.103.1 * dtb-allwinner-6.4.0-150600.23.103.1 * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.103.1 * dtb-socionext-6.4.0-150600.23.103.1 * dtb-apple-6.4.0-150600.23.103.1 * dtb-marvell-6.4.0-150600.23.103.1 * kernel-64kb-optional-debuginfo-6.4.0-150600.23.103.1 * kernel-64kb-extra-debuginfo-6.4.0-150600.23.103.1 * dtb-exynos-6.4.0-150600.23.103.1 * dtb-qcom-6.4.0-150600.23.103.1 * dtb-xilinx-6.4.0-150600.23.103.1 * kernel-64kb-optional-6.4.0-150600.23.103.1 * kernel-64kb-debugsource-6.4.0-150600.23.103.1 * dtb-freescale-6.4.0-150600.23.103.1 * kselftests-kmp-64kb-6.4.0-150600.23.103.1 * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.103.1 * dtb-amlogic-6.4.0-150600.23.103.1 * dtb-lg-6.4.0-150600.23.103.1 * ocfs2-kmp-64kb-6.4.0-150600.23.103.1 * dtb-sprd-6.4.0-150600.23.103.1 * cluster-md-kmp-64kb-6.4.0-150600.23.103.1 * 
kernel-64kb-devel-debuginfo-6.4.0-150600.23.103.1 * openSUSE Leap 15.6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.103.1 * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-6.4.0-150600.23.103.1 * kernel-default-base-rebuild-6.4.0-150600.23.103.1.150600.12.48.1 * kernel-default-base-6.4.0-150600.23.103.1.150600.12.48.1 * kernel-kvmsmall-debugsource-6.4.0-150600.23.103.1 * kernel-kvmsmall-debuginfo-6.4.0-150600.23.103.1 * kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.103.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.103.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.103.1 * reiserfs-kmp-default-6.4.0-150600.23.103.1 * kernel-default-extra-6.4.0-150600.23.103.1 * kselftests-kmp-default-debuginfo-6.4.0-150600.23.103.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.103.1 * kernel-default-extra-debuginfo-6.4.0-150600.23.103.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.103.1 * kernel-default-optional-debuginfo-6.4.0-150600.23.103.1 * ocfs2-kmp-default-6.4.0-150600.23.103.1 * kernel-syms-6.4.0-150600.23.103.1 * kernel-obs-build-debugsource-6.4.0-150600.23.103.1 * kernel-default-optional-6.4.0-150600.23.103.1 * kernel-default-livepatch-6.4.0-150600.23.103.1 * kselftests-kmp-default-6.4.0-150600.23.103.1 * kernel-obs-qa-6.4.0-150600.23.103.1 * kernel-default-debugsource-6.4.0-150600.23.103.1 * kernel-obs-build-6.4.0-150600.23.103.1 * gfs2-kmp-default-6.4.0-150600.23.103.1 * kernel-default-devel-6.4.0-150600.23.103.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.103.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.103.1 * cluster-md-kmp-default-6.4.0-150600.23.103.1 * dlm-kmp-default-6.4.0-150600.23.103.1 * kernel-default-debuginfo-6.4.0-150600.23.103.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.103.1 * openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-6.4.0-150600.23.103.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * 
kernel-default-livepatch-devel-6.4.0-150600.23.103.1 * kernel-livepatch-6_4_0-150600_23_103-default-1-150600.13.3.1 * kernel-livepatch-6_4_0-150600_23_103-default-debuginfo-1-150600.13.3.1 * kernel-livepatch-SLE15-SP6_Update_24-debugsource-1-150600.13.3.1 * openSUSE Leap 15.6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.103.1 * openSUSE Leap 15.6 (s390x) * kernel-zfcpdump-debugsource-6.4.0-150600.23.103.1 * kernel-zfcpdump-debuginfo-6.4.0-150600.23.103.1 * openSUSE Leap 15.6 (nosrc) * dtb-aarch64-6.4.0-150600.23.103.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.103.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-6.4.0-150600.23.103.1 * kernel-default-debugsource-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch nosrc) * kernel-docs-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * kernel-macros-6.4.0-150600.23.103.1 * kernel-source-6.4.0-150600.23.103.1 * kernel-devel-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.103.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.103.1 * kernel-default-devel-6.4.0-150600.23.103.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.103.1 * reiserfs-kmp-default-6.4.0-150600.23.103.1 * kernel-syms-6.4.0-150600.23.103.1 * kernel-default-debugsource-6.4.0-150600.23.103.1 * kernel-obs-build-6.4.0-150600.23.103.1 * kernel-obs-build-debugsource-6.4.0-150600.23.103.1 * dlm-kmp-default-6.4.0-150600.23.103.1 * gfs2-kmp-default-6.4.0-150600.23.103.1 * cluster-md-kmp-default-6.4.0-150600.23.103.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.103.1 * kernel-default-debuginfo-6.4.0-150600.23.103.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.103.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.103.1 * ocfs2-kmp-default-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Server 15 
SP6 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150600.23.103.1.150600.12.48.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64) * kernel-64kb-debugsource-6.4.0-150600.23.103.1 * kernel-64kb-devel-6.4.0-150600.23.103.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.103.1 * kernel-64kb-debuginfo-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (s390x) * kernel-zfcpdump-debugsource-6.4.0-150600.23.103.1 * kernel-zfcpdump-debuginfo-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.103.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.103.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.103.1 * kernel-default-devel-6.4.0-150600.23.103.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.103.1 * reiserfs-kmp-default-6.4.0-150600.23.103.1 * kernel-syms-6.4.0-150600.23.103.1 * kernel-default-debugsource-6.4.0-150600.23.103.1 * kernel-obs-build-6.4.0-150600.23.103.1 * kernel-obs-build-debugsource-6.4.0-150600.23.103.1 * kernel-default-base-6.4.0-150600.23.103.1.150600.12.48.1 * gfs2-kmp-default-6.4.0-150600.23.103.1 * cluster-md-kmp-default-6.4.0-150600.23.103.1 * dlm-kmp-default-6.4.0-150600.23.103.1 * kernel-default-debuginfo-6.4.0-150600.23.103.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.103.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.103.1 * ocfs2-kmp-default-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (nosrc ppc64le x86_64) * kernel-default-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * kernel-macros-6.4.0-150600.23.103.1 * 
kernel-source-6.4.0-150600.23.103.1 * kernel-devel-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Live Patching 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.103.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-default-livepatch-6.4.0-150600.23.103.1 * kernel-livepatch-SLE15-SP6_Update_24-debugsource-1-150600.13.3.1 * kernel-default-debugsource-6.4.0-150600.23.103.1 * kernel-default-livepatch-devel-6.4.0-150600.23.103.1 * kernel-livepatch-6_4_0-150600_23_103-default-1-150600.13.3.1 * kernel-default-debuginfo-6.4.0-150600.23.103.1 * kernel-livepatch-6_4_0-150600_23_103-default-debuginfo-1-150600.13.3.1 ## References: * https://www.suse.com/security/cve/CVE-2026-43284.html * https://www.suse.com/security/cve/CVE-2026-43500.html * https://bugzilla.suse.com/show_bug.cgi?id=1264449 * https://bugzilla.suse.com/show_bug.cgi?id=1264450
From null at suse.de Wed May 13 16:30:26 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 May 2026 16:30:26 -0000 Subject: SUSE-SU-2026:1839-1: moderate: Security update for Mesa Message-ID: <177868982645.1208.1087671058919966202@e3afc95ed2e8> # Security update for Mesa Announcement ID: SUSE-SU-2026:1839-1 Release Date: 2026-05-13T09:13:57Z Rating: moderate References: * bsc#1261998 Cross-References: * CVE-2026-40393 CVSS scores: * CVE-2026-40393 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2026-40393 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-40393 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Linux Enterprise Workstation Extension 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for Mesa fixes the following issue: * CVE-2026-40393: out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party (bsc#1261998). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1839=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1839=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1839=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1839=1 * SUSE Linux Enterprise Workstation Extension 15 SP7 zypper in -t patch SUSE-SLE-Product-WE-15-SP7-2026-1839=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1839=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1839=1 ## Package List: * openSUSE Leap 15.4 (aarch64 x86_64 i586) * libvulkan_radeon-21.2.4-150400.68.18.1 * Mesa-libd3d-21.2.4-150400.68.18.1 * Mesa-vulkan-device-select-21.2.4-150400.68.18.1 * Mesa-vulkan-overlay-21.2.4-150400.68.18.1 * libvulkan_radeon-debuginfo-21.2.4-150400.68.18.1 * libvulkan_lvp-21.2.4-150400.68.18.1 * libvulkan_lvp-debuginfo-21.2.4-150400.68.18.1 * Mesa-libd3d-devel-21.2.4-150400.68.18.1 * Mesa-libd3d-debuginfo-21.2.4-150400.68.18.1 * Mesa-vulkan-device-select-debuginfo-21.2.4-150400.68.18.1 * Mesa-vulkan-overlay-debuginfo-21.2.4-150400.68.18.1 * Mesa-libVulkan-devel-21.2.4-150400.68.18.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64 i586) * libvdpau_nouveau-debuginfo-21.2.4-150400.68.18.1 * libvdpau_r300-debuginfo-21.2.4-150400.68.18.1 * Mesa-libva-debuginfo-21.2.4-150400.68.18.1 * libXvMC_nouveau-21.2.4-150400.68.18.1 * Mesa-libOpenCL-21.2.4-150400.68.18.1 * libvdpau_radeonsi-21.2.4-150400.68.18.1 * Mesa-libva-21.2.4-150400.68.18.1 * libXvMC_r600-21.2.4-150400.68.18.1 * Mesa-libOpenCL-debuginfo-21.2.4-150400.68.18.1 * Mesa-dri-nouveau-21.2.4-150400.68.18.1 * libxatracker2-1.0.0-150400.68.18.1 * libvdpau_radeonsi-debuginfo-21.2.4-150400.68.18.1 * libXvMC_nouveau-debuginfo-21.2.4-150400.68.18.1 * libxatracker2-debuginfo-1.0.0-150400.68.18.1 * libvdpau_r300-21.2.4-150400.68.18.1 
* libvdpau_r600-debuginfo-21.2.4-150400.68.18.1 * Mesa-dri-nouveau-debuginfo-21.2.4-150400.68.18.1 * libvdpau_nouveau-21.2.4-150400.68.18.1 * libXvMC_r600-debuginfo-21.2.4-150400.68.18.1 * Mesa-gallium-debuginfo-21.2.4-150400.68.18.1 * Mesa-gallium-21.2.4-150400.68.18.1 * libvdpau_r600-21.2.4-150400.68.18.1 * libxatracker-devel-1.0.0-150400.68.18.1 * openSUSE Leap 15.4 (x86_64) * Mesa-vulkan-overlay-32bit-21.2.4-150400.68.18.1 * libOSMesa-devel-32bit-21.2.4-150400.68.18.1 * libvdpau_r600-32bit-21.2.4-150400.68.18.1 * Mesa-gallium-32bit-21.2.4-150400.68.18.1 * Mesa-libGLESv2-devel-32bit-21.2.4-150400.68.18.1 * Mesa-libGL1-32bit-debuginfo-21.2.4-150400.68.18.1 * libvulkan_intel-32bit-21.2.4-150400.68.18.1 * libXvMC_r600-32bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-libd3d-32bit-21.2.4-150400.68.18.1 * libvdpau_r300-32bit-21.2.4-150400.68.18.1 * Mesa-dri-32bit-debuginfo-21.2.4-150400.68.18.1 * libvulkan_radeon-32bit-21.2.4-150400.68.18.1 * Mesa-gallium-32bit-debuginfo-21.2.4-150400.68.18.1 * libvdpau_r600-32bit-debuginfo-21.2.4-150400.68.18.1 * libXvMC_nouveau-32bit-debuginfo-21.2.4-150400.68.18.1 * libvdpau_r300-32bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-vulkan-device-select-32bit-debuginfo-21.2.4-150400.68.18.1 * libgbm1-32bit-21.2.4-150400.68.18.1 * Mesa-libd3d-devel-32bit-21.2.4-150400.68.18.1 * libvdpau_nouveau-32bit-21.2.4-150400.68.18.1 * Mesa-libEGL1-32bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-libglapi0-32bit-21.2.4-150400.68.18.1 * libOSMesa8-32bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-libglapi0-32bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-libGL1-32bit-21.2.4-150400.68.18.1 * libXvMC_nouveau-32bit-21.2.4-150400.68.18.1 * libvdpau_radeonsi-32bit-21.2.4-150400.68.18.1 * libOSMesa8-32bit-21.2.4-150400.68.18.1 * libXvMC_r600-32bit-21.2.4-150400.68.18.1 * Mesa-vulkan-device-select-32bit-21.2.4-150400.68.18.1 * libvulkan_intel-32bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-libglapi-devel-32bit-21.2.4-150400.68.18.1 * Mesa-dri-32bit-21.2.4-150400.68.18.1 * 
Mesa-vulkan-overlay-32bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-libGLESv1_CM-devel-32bit-21.2.4-150400.68.18.1 * libgbm1-32bit-debuginfo-21.2.4-150400.68.18.1 * libgbm-devel-32bit-21.2.4-150400.68.18.1 * Mesa-libEGL1-32bit-21.2.4-150400.68.18.1 * Mesa-32bit-21.2.4-150400.68.18.1 * libvdpau_radeonsi-32bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-libEGL-devel-32bit-21.2.4-150400.68.18.1 * Mesa-libd3d-32bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-libGL-devel-32bit-21.2.4-150400.68.18.1 * Mesa-dri-nouveau-32bit-debuginfo-21.2.4-150400.68.18.1 * libvulkan_radeon-32bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-dri-nouveau-32bit-21.2.4-150400.68.18.1 * libvdpau_nouveau-32bit-debuginfo-21.2.4-150400.68.18.1 * openSUSE Leap 15.4 (x86_64 i586) * libvulkan_intel-debuginfo-21.2.4-150400.68.18.1 * libvulkan_intel-21.2.4-150400.68.18.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * Mesa-libGLESv1_CM-devel-21.2.4-150400.68.18.1 * Mesa-libGL-devel-21.2.4-150400.68.18.1 * Mesa-libglapi0-debuginfo-21.2.4-150400.68.18.1 * libOSMesa8-21.2.4-150400.68.18.1 * Mesa-dri-21.2.4-150400.68.18.1 * Mesa-debugsource-21.2.4-150400.68.18.1 * Mesa-dri-debuginfo-21.2.4-150400.68.18.1 * Mesa-21.2.4-150400.68.18.1 * Mesa-libGLESv2-devel-21.2.4-150400.68.18.1 * Mesa-devel-21.2.4-150400.68.18.1 * libOSMesa-devel-21.2.4-150400.68.18.1 * Mesa-libEGL1-debuginfo-21.2.4-150400.68.18.1 * Mesa-libglapi0-21.2.4-150400.68.18.1 * Mesa-libglapi-devel-21.2.4-150400.68.18.1 * Mesa-libEGL1-21.2.4-150400.68.18.1 * Mesa-dri-devel-21.2.4-150400.68.18.1 * libOSMesa8-debuginfo-21.2.4-150400.68.18.1 * Mesa-libGL1-debuginfo-21.2.4-150400.68.18.1 * libgbm1-debuginfo-21.2.4-150400.68.18.1 * Mesa-libGLESv3-devel-21.2.4-150400.68.18.1 * Mesa-libEGL-devel-21.2.4-150400.68.18.1 * libgbm-devel-21.2.4-150400.68.18.1 * Mesa-libGL1-21.2.4-150400.68.18.1 * libgbm1-21.2.4-150400.68.18.1 * Mesa-drivers-debugsource-21.2.4-150400.68.18.1 * Mesa-KHR-devel-21.2.4-150400.68.18.1 * openSUSE Leap 15.4 (aarch64_ilp32) * 
Mesa-libd3d-64bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-dri-vc4-64bit-21.2.4-150400.68.18.1 * Mesa-vulkan-device-select-64bit-21.2.4-150400.68.18.1 * Mesa-vulkan-device-select-64bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-libGL1-64bit-21.2.4-150400.68.18.1 * Mesa-libglapi-devel-64bit-21.2.4-150400.68.18.1 * libOSMesa8-64bit-21.2.4-150400.68.18.1 * libvdpau_nouveau-64bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-gallium-64bit-debuginfo-21.2.4-150400.68.18.1 * libXvMC_r600-64bit-21.2.4-150400.68.18.1 * Mesa-dri-nouveau-64bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-dri-vc4-64bit-debuginfo-21.2.4-150400.68.18.1 * libgbm1-64bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-libEGL1-64bit-21.2.4-150400.68.18.1 * Mesa-dri-nouveau-64bit-21.2.4-150400.68.18.1 * libvdpau_r600-64bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-libGL-devel-64bit-21.2.4-150400.68.18.1 * libvdpau_r300-64bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-libGL1-64bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-libd3d-devel-64bit-21.2.4-150400.68.18.1 * libvdpau_nouveau-64bit-21.2.4-150400.68.18.1 * Mesa-libGLESv2-devel-64bit-21.2.4-150400.68.18.1 * libvdpau_r600-64bit-21.2.4-150400.68.18.1 * libvdpau_radeonsi-64bit-21.2.4-150400.68.18.1 * Mesa-gallium-64bit-21.2.4-150400.68.18.1 * Mesa-64bit-21.2.4-150400.68.18.1 * Mesa-libEGL-devel-64bit-21.2.4-150400.68.18.1 * Mesa-libGLESv1_CM-devel-64bit-21.2.4-150400.68.18.1 * Mesa-libglapi0-64bit-21.2.4-150400.68.18.1 * libgbm-devel-64bit-21.2.4-150400.68.18.1 * libXvMC_r600-64bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-dri-64bit-debuginfo-21.2.4-150400.68.18.1 * libOSMesa-devel-64bit-21.2.4-150400.68.18.1 * Mesa-vulkan-overlay-64bit-21.2.4-150400.68.18.1 * Mesa-dri-64bit-21.2.4-150400.68.18.1 * Mesa-libglapi0-64bit-debuginfo-21.2.4-150400.68.18.1 * libvdpau_r300-64bit-21.2.4-150400.68.18.1 * libvdpau_radeonsi-64bit-debuginfo-21.2.4-150400.68.18.1 * libvulkan_radeon-64bit-debuginfo-21.2.4-150400.68.18.1 * libOSMesa8-64bit-debuginfo-21.2.4-150400.68.18.1 * 
libXvMC_nouveau-64bit-debuginfo-21.2.4-150400.68.18.1 * Mesa-vulkan-overlay-64bit-debuginfo-21.2.4-150400.68.18.1 * libvulkan_radeon-64bit-21.2.4-150400.68.18.1 * libgbm1-64bit-21.2.4-150400.68.18.1 * libXvMC_nouveau-64bit-21.2.4-150400.68.18.1 * Mesa-libd3d-64bit-21.2.4-150400.68.18.1 * Mesa-libEGL1-64bit-debuginfo-21.2.4-150400.68.18.1 * openSUSE Leap 15.4 (aarch64) * Mesa-dri-vc4-21.2.4-150400.68.18.1 * Mesa-dri-vc4-debuginfo-21.2.4-150400.68.18.1 * libvulkan_freedreno-21.2.4-150400.68.18.1 * libvulkan_broadcom-21.2.4-150400.68.18.1 * libvulkan_broadcom-debuginfo-21.2.4-150400.68.18.1 * libvulkan_freedreno-debuginfo-21.2.4-150400.68.18.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libgbm1-21.2.4-150400.68.18.1 * libgbm1-debuginfo-21.2.4-150400.68.18.1 * Mesa-debugsource-21.2.4-150400.68.18.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libgbm1-21.2.4-150400.68.18.1 * libgbm1-debuginfo-21.2.4-150400.68.18.1 * Mesa-debugsource-21.2.4-150400.68.18.1 * Basesystem Module 15-SP7 (x86_64) * Mesa-libVulkan-devel-21.2.4-150400.68.18.1 * Mesa-drivers-debugsource-21.2.4-150400.68.18.1 * SUSE Linux Enterprise Workstation Extension 15 SP7 (x86_64) * libXvMC_nouveau-debuginfo-21.2.4-150400.68.18.1 * libXvMC_nouveau-21.2.4-150400.68.18.1 * Mesa-drivers-debugsource-21.2.4-150400.68.18.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libgbm1-21.2.4-150400.68.18.1 * libgbm1-debuginfo-21.2.4-150400.68.18.1 * Mesa-debugsource-21.2.4-150400.68.18.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libgbm1-21.2.4-150400.68.18.1 * libgbm1-debuginfo-21.2.4-150400.68.18.1 * Mesa-debugsource-21.2.4-150400.68.18.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40393.html * https://bugzilla.suse.com/show_bug.cgi?id=1261998
From null at suse.de Wed May 13 16:30:28 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 May 2026 16:30:28 -0000 Subject: SUSE-RU-2026:1838-1: moderate: Recommended update for post-build-checks-malwarescan Message-ID: <177868982856.1208.9914921630606378496@e3afc95ed2e8> # Recommended update for post-build-checks-malwarescan Announcement ID: SUSE-RU-2026:1838-1 Release Date: 2026-05-13T07:18:51Z Rating: moderate References: Affected Products: * openSUSE Leap 15.5 An update that can now be installed. ## Description: This update for post-build-checks-malwarescan fixes the following issues: * exclude pdfium-7471.tar.bz2 false positive. This pdfium tarball is needed to build LibreOffice 26.2.3.2. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-1838=1 ## Package List: * openSUSE Leap 15.5 (noarch) * post-build-checks-malwarescan-0.1-150500.20.18.1
From null at suse.de Wed May 13 16:30:34 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 May 2026 16:30:34 -0000 Subject: SUSE-RU-2026:1837-1: important: Recommended update for crmsh Message-ID: <177868983460.1208.12916643910756132521@e3afc95ed2e8> # Recommended update for crmsh Announcement ID: SUSE-RU-2026:1837-1 Release Date: 2026-05-13T05:26:40Z Rating: important References: * bsc#1245386 * bsc#1246622 * bsc#1259683 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has three fixes can now be installed.
## Description: This update for crmsh fixes the following issues: * Fix: bootstrap: Ensure robust node identification when removing from cluster (bsc#1259683) * Fix: sbd: Avoid negative value for the property 'stonith-watchdog-timeout' (bsc#1246622) * Fix: log: Improved function confirm's logic (bsc#1245386) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-1837=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2026-1837=1 ## Package List: * openSUSE Leap 15.5 (noarch) * crmsh-scripts-4.5.1+20260403.f064dd72-150500.3.51.1 * crmsh-test-4.5.1+20260403.f064dd72-150500.3.51.1 * crmsh-4.5.1+20260403.f064dd72-150500.3.51.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (noarch) * crmsh-scripts-4.5.1+20260403.f064dd72-150500.3.51.1 * crmsh-4.5.1+20260403.f064dd72-150500.3.51.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1245386 * https://bugzilla.suse.com/show_bug.cgi?id=1246622 * https://bugzilla.suse.com/show_bug.cgi?id=1259683 -------------- next part -------------- An HTML attachment was scrubbed... 

From null at suse.de Wed May 13 16:30:37 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 13 May 2026 16:30:37 -0000
Subject: SUSE-RU-2026:1836-1: moderate: Recommended update for libvirt
Message-ID: <177868983780.1208.2789201006390017158@e3afc95ed2e8>

# Recommended update for libvirt

Announcement ID: SUSE-RU-2026:1836-1
Release Date: 2026-05-12T18:06:10Z
Rating: moderate
References:

  * bsc#1242979
  * jsc#PED-15886

Affected Products:

  * Basesystem Module 15-SP7
  * Server Applications Module 15-SP7
  * SUSE Linux Enterprise Desktop 15 SP7
  * SUSE Linux Enterprise Real Time 15 SP7
  * SUSE Linux Enterprise Server 15 SP7
  * SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that contains one feature and has one fix can now be installed.

## Description:

This update for libvirt, numa-preplace fixes the following issues:

  * Add numa-preplace (jsc#PED-15886)
  * qemu: Use numa-preplace instead of numad for numa placement advice (bsc#1242979)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1836=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-1836=1 ## Package List: * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libvirt-libs-11.0.0-150700.4.22.1 * numa-preplace-debuginfo-0.1-150700.15.3.1 * numa-preplace-0.1-150700.15.3.1 * libvirt-libs-debuginfo-11.0.0-150700.4.22.1 * libvirt-debugsource-11.0.0-150700.4.22.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * libvirt-daemon-driver-nwfilter-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-lock-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-logical-11.0.0-150700.4.22.1 * libvirt-client-qemu-11.0.0-150700.4.22.1 * libvirt-daemon-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-11.0.0-150700.4.22.1 * libvirt-nss-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-core-11.0.0-150700.4.22.1 * libvirt-daemon-proxy-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-config-network-11.0.0-150700.4.22.1 * libvirt-daemon-driver-secret-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-mpath-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-logical-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-qemu-11.0.0-150700.4.22.1 * libvirt-daemon-plugin-sanlock-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-scsi-debuginfo-11.0.0-150700.4.22.1 * libvirt-11.0.0-150700.4.22.1 * libvirt-daemon-11.0.0-150700.4.22.1 * libvirt-daemon-driver-network-11.0.0-150700.4.22.1 * libvirt-daemon-driver-interface-11.0.0-150700.4.22.1 * libvirt-daemon-log-11.0.0-150700.4.22.1 * libvirt-daemon-proxy-11.0.0-150700.4.22.1 * libvirt-daemon-driver-nodedev-11.0.0-150700.4.22.1 * libvirt-daemon-driver-nwfilter-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-scsi-11.0.0-150700.4.22.1 * 
libvirt-daemon-driver-network-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-core-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-lock-11.0.0-150700.4.22.1 * libvirt-daemon-driver-secret-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-11.0.0-150700.4.22.1 * libvirt-client-11.0.0-150700.4.22.1 * libvirt-devel-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-iscsi-direct-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-mpath-11.0.0-150700.4.22.1 * libvirt-nss-11.0.0-150700.4.22.1 * libvirt-daemon-hooks-11.0.0-150700.4.22.1 * libvirt-daemon-config-nwfilter-11.0.0-150700.4.22.1 * libvirt-daemon-common-11.0.0-150700.4.22.1 * libvirt-client-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-iscsi-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-iscsi-direct-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-plugin-sanlock-11.0.0-150700.4.22.1 * libvirt-debugsource-11.0.0-150700.4.22.1 * libvirt-daemon-common-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-qemu-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-nodedev-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-interface-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-plugin-lockd-11.0.0-150700.4.22.1 * libvirt-daemon-qemu-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-disk-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-plugin-lockd-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-log-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-disk-11.0.0-150700.4.22.1 * Server Applications Module 15-SP7 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-11.0.0-150700.4.22.1 * libvirt-daemon-driver-storage-rbd-11.0.0-150700.4.22.1 * Server Applications Module 15-SP7 (noarch) * libvirt-doc-11.0.0-150700.4.22.1 * Server Applications Module 15-SP7 (x86_64) * libvirt-daemon-driver-libxl-11.0.0-150700.4.22.1 * libvirt-daemon-xen-11.0.0-150700.4.22.1 * libvirt-daemon-driver-libxl-debuginfo-11.0.0-150700.4.22.1 ## References: * 
https://bugzilla.suse.com/show_bug.cgi?id=1242979
  * https://jira.suse.com/browse/PED-15886

From null at suse.de Wed May 13 16:30:41 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 13 May 2026 16:30:41 -0000
Subject: SUSE-SU-2026:1835-1: moderate: Security update for Mesa
Message-ID: <177868984109.1208.13121391114620127574@e3afc95ed2e8>

# Security update for Mesa

Announcement ID: SUSE-SU-2026:1835-1
Release Date: 2026-05-12T16:18:06Z
Rating: moderate
References:

  * bsc#1261998

Cross-References:

  * CVE-2026-40393

CVSS scores:

  * CVE-2026-40393 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
  * CVE-2026-40393 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2026-40393 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

  * Basesystem Module 15-SP7
  * openSUSE Leap 15.5
  * SUSE Linux Enterprise Desktop 15 SP7
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP7
  * SUSE Linux Enterprise Server 15 SP7
  * SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for Mesa fixes the following issue:

  * CVE-2026-40393: out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party (bsc#1261998).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-1835=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-1835=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1835=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * Mesa-drivers-debugsource-22.3.5-150500.77.8.1 * libOSMesa-devel-22.3.5-150500.77.8.1 * Mesa-debugsource-22.3.5-150500.77.8.1 * Mesa-dri-debuginfo-22.3.5-150500.77.8.1 * Mesa-libEGL1-22.3.5-150500.77.8.1 * Mesa-libEGL-devel-22.3.5-150500.77.8.1 * libOSMesa8-debuginfo-22.3.5-150500.77.8.1 * libOSMesa8-22.3.5-150500.77.8.1 * libgbm1-22.3.5-150500.77.8.1 * Mesa-dri-22.3.5-150500.77.8.1 * libgbm-devel-22.3.5-150500.77.8.1 * Mesa-libGL-devel-22.3.5-150500.77.8.1 * Mesa-devel-22.3.5-150500.77.8.1 * Mesa-dri-devel-22.3.5-150500.77.8.1 * libgbm1-debuginfo-22.3.5-150500.77.8.1 * Mesa-libGLESv3-devel-22.3.5-150500.77.8.1 * Mesa-KHR-devel-22.3.5-150500.77.8.1 * Mesa-libGLESv1_CM-devel-22.3.5-150500.77.8.1 * Mesa-libGL1-22.3.5-150500.77.8.1 * Mesa-libglapi-devel-22.3.5-150500.77.8.1 * Mesa-libglapi0-22.3.5-150500.77.8.1 * Mesa-libGLESv2-devel-22.3.5-150500.77.8.1 * Mesa-libglapi0-debuginfo-22.3.5-150500.77.8.1 * Mesa-libEGL1-debuginfo-22.3.5-150500.77.8.1 * Mesa-libGL1-debuginfo-22.3.5-150500.77.8.1 * Mesa-22.3.5-150500.77.8.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64 i586) * libxatracker-devel-1.0.0-150500.77.8.1 * Mesa-gallium-22.3.5-150500.77.8.1 * Mesa-libOpenCL-22.3.5-150500.77.8.1 * libxatracker2-1.0.0-150500.77.8.1 * libvdpau_nouveau-22.3.5-150500.77.8.1 * libvdpau_nouveau-debuginfo-22.3.5-150500.77.8.1 * libvdpau_virtio_gpu-debuginfo-22.3.5-150500.77.8.1 * libvdpau_radeonsi-22.3.5-150500.77.8.1 * Mesa-gallium-debuginfo-22.3.5-150500.77.8.1 * libvdpau_r600-debuginfo-22.3.5-150500.77.8.1 * Mesa-libOpenCL-debuginfo-22.3.5-150500.77.8.1 * libvdpau_virtio_gpu-22.3.5-150500.77.8.1 * 
Mesa-dri-nouveau-debuginfo-22.3.5-150500.77.8.1 * libvdpau_r300-debuginfo-22.3.5-150500.77.8.1 * libxatracker2-debuginfo-1.0.0-150500.77.8.1 * libvdpau_r600-22.3.5-150500.77.8.1 * libvdpau_radeonsi-debuginfo-22.3.5-150500.77.8.1 * Mesa-dri-nouveau-22.3.5-150500.77.8.1 * Mesa-libva-22.3.5-150500.77.8.1 * libvdpau_r300-22.3.5-150500.77.8.1 * Mesa-libva-debuginfo-22.3.5-150500.77.8.1 * openSUSE Leap 15.5 (aarch64 x86_64 i586) * Mesa-libd3d-22.3.5-150500.77.8.1 * Mesa-libd3d-devel-22.3.5-150500.77.8.1 * libvulkan_radeon-debuginfo-22.3.5-150500.77.8.1 * Mesa-vulkan-device-select-22.3.5-150500.77.8.1 * Mesa-vulkan-overlay-debuginfo-22.3.5-150500.77.8.1 * Mesa-vulkan-device-select-debuginfo-22.3.5-150500.77.8.1 * libvulkan_radeon-22.3.5-150500.77.8.1 * Mesa-vulkan-overlay-22.3.5-150500.77.8.1 * libvulkan_lvp-22.3.5-150500.77.8.1 * libvulkan_lvp-debuginfo-22.3.5-150500.77.8.1 * Mesa-libd3d-debuginfo-22.3.5-150500.77.8.1 * openSUSE Leap 15.5 (x86_64) * Mesa-libglapi-devel-32bit-22.3.5-150500.77.8.1 * Mesa-vulkan-device-select-32bit-22.3.5-150500.77.8.1 * Mesa-libEGL1-32bit-22.3.5-150500.77.8.1 * Mesa-gallium-32bit-22.3.5-150500.77.8.1 * libvulkan_intel-32bit-22.3.5-150500.77.8.1 * libvdpau_virtio_gpu-32bit-debuginfo-22.3.5-150500.77.8.1 * libvulkan_radeon-32bit-debuginfo-22.3.5-150500.77.8.1 * libOSMesa8-32bit-22.3.5-150500.77.8.1 * Mesa-libd3d-32bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-dri-32bit-22.3.5-150500.77.8.1 * Mesa-gallium-32bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-libGL-devel-32bit-22.3.5-150500.77.8.1 * libvdpau_virtio_gpu-32bit-22.3.5-150500.77.8.1 * libgbm1-32bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-libd3d-32bit-22.3.5-150500.77.8.1 * Mesa-libglapi0-32bit-debuginfo-22.3.5-150500.77.8.1 * libvdpau_r300-32bit-22.3.5-150500.77.8.1 * libgbm1-32bit-22.3.5-150500.77.8.1 * Mesa-libd3d-devel-32bit-22.3.5-150500.77.8.1 * libvdpau_radeonsi-32bit-debuginfo-22.3.5-150500.77.8.1 * libvdpau_nouveau-32bit-debuginfo-22.3.5-150500.77.8.1 * 
libvulkan_radeon-32bit-22.3.5-150500.77.8.1 * Mesa-libGL1-32bit-22.3.5-150500.77.8.1 * Mesa-dri-nouveau-32bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-dri-nouveau-32bit-22.3.5-150500.77.8.1 * libOSMesa-devel-32bit-22.3.5-150500.77.8.1 * Mesa-32bit-22.3.5-150500.77.8.1 * Mesa-dri-32bit-debuginfo-22.3.5-150500.77.8.1 * libvdpau_radeonsi-32bit-22.3.5-150500.77.8.1 * libvdpau_r300-32bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-libEGL1-32bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-libGLESv2-devel-32bit-22.3.5-150500.77.8.1 * libgbm-devel-32bit-22.3.5-150500.77.8.1 * libvulkan_intel-32bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-libGL1-32bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-vulkan-overlay-32bit-22.3.5-150500.77.8.1 * Mesa-libGLESv1_CM-devel-32bit-22.3.5-150500.77.8.1 * Mesa-libglapi0-32bit-22.3.5-150500.77.8.1 * libvdpau_r600-32bit-22.3.5-150500.77.8.1 * libvdpau_nouveau-32bit-22.3.5-150500.77.8.1 * Mesa-libEGL-devel-32bit-22.3.5-150500.77.8.1 * libvdpau_r600-32bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-vulkan-device-select-32bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-vulkan-overlay-32bit-debuginfo-22.3.5-150500.77.8.1 * libOSMesa8-32bit-debuginfo-22.3.5-150500.77.8.1 * openSUSE Leap 15.5 (x86_64 i586) * libvulkan_intel-debuginfo-22.3.5-150500.77.8.1 * libvulkan_intel-22.3.5-150500.77.8.1 * openSUSE Leap 15.5 (aarch64_ilp32) * Mesa-libglapi0-64bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-dri-vc4-64bit-debuginfo-22.3.5-150500.77.8.1 * libgbm-devel-64bit-22.3.5-150500.77.8.1 * Mesa-libd3d-64bit-22.3.5-150500.77.8.1 * libgbm1-64bit-22.3.5-150500.77.8.1 * Mesa-vulkan-overlay-64bit-22.3.5-150500.77.8.1 * libvdpau_nouveau-64bit-debuginfo-22.3.5-150500.77.8.1 * libvdpau_r600-64bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-dri-nouveau-64bit-debuginfo-22.3.5-150500.77.8.1 * libvdpau_radeonsi-64bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-vulkan-device-select-64bit-debuginfo-22.3.5-150500.77.8.1 * libvdpau_radeonsi-64bit-22.3.5-150500.77.8.1 * Mesa-dri-64bit-22.3.5-150500.77.8.1 * 
Mesa-libd3d-devel-64bit-22.3.5-150500.77.8.1 * Mesa-libEGL-devel-64bit-22.3.5-150500.77.8.1 * libvulkan_radeon-64bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-vulkan-overlay-64bit-debuginfo-22.3.5-150500.77.8.1 * libvdpau_nouveau-64bit-22.3.5-150500.77.8.1 * Mesa-libGL1-64bit-22.3.5-150500.77.8.1 * Mesa-libGLESv2-devel-64bit-22.3.5-150500.77.8.1 * libOSMesa8-64bit-22.3.5-150500.77.8.1 * Mesa-64bit-22.3.5-150500.77.8.1 * Mesa-dri-64bit-debuginfo-22.3.5-150500.77.8.1 * libvdpau_r300-64bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-libd3d-64bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-gallium-64bit-debuginfo-22.3.5-150500.77.8.1 * libvdpau_r600-64bit-22.3.5-150500.77.8.1 * Mesa-libglapi-devel-64bit-22.3.5-150500.77.8.1 * Mesa-gallium-64bit-22.3.5-150500.77.8.1 * libOSMesa8-64bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-libglapi0-64bit-22.3.5-150500.77.8.1 * Mesa-dri-vc4-64bit-22.3.5-150500.77.8.1 * Mesa-libEGL1-64bit-debuginfo-22.3.5-150500.77.8.1 * libvulkan_radeon-64bit-22.3.5-150500.77.8.1 * libgbm1-64bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-libGL1-64bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-libGLESv1_CM-devel-64bit-22.3.5-150500.77.8.1 * Mesa-dri-nouveau-64bit-22.3.5-150500.77.8.1 * libvdpau_virtio_gpu-64bit-debuginfo-22.3.5-150500.77.8.1 * Mesa-libEGL1-64bit-22.3.5-150500.77.8.1 * libOSMesa-devel-64bit-22.3.5-150500.77.8.1 * Mesa-libGL-devel-64bit-22.3.5-150500.77.8.1 * libvdpau_r300-64bit-22.3.5-150500.77.8.1 * Mesa-vulkan-device-select-64bit-22.3.5-150500.77.8.1 * libvdpau_virtio_gpu-64bit-22.3.5-150500.77.8.1 * openSUSE Leap 15.5 (aarch64) * libvulkan_freedreno-debuginfo-22.3.5-150500.77.8.1 * Mesa-dri-vc4-22.3.5-150500.77.8.1 * libvulkan_broadcom-debuginfo-22.3.5-150500.77.8.1 * libvulkan_freedreno-22.3.5-150500.77.8.1 * libvulkan_broadcom-22.3.5-150500.77.8.1 * Mesa-dri-vc4-debuginfo-22.3.5-150500.77.8.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * Mesa-drivers-debugsource-22.3.5-150500.77.8.1 * Mesa-libglapi0-22.3.5-150500.77.8.1 * 
libgbm1-debuginfo-22.3.5-150500.77.8.1 * Mesa-libglapi0-debuginfo-22.3.5-150500.77.8.1 * Mesa-debugsource-22.3.5-150500.77.8.1 * Mesa-dri-debuginfo-22.3.5-150500.77.8.1 * libgbm1-22.3.5-150500.77.8.1 * Mesa-dri-22.3.5-150500.77.8.1 * Mesa-libEGL1-22.3.5-150500.77.8.1 * Mesa-libGL1-22.3.5-150500.77.8.1 * Mesa-libEGL1-debuginfo-22.3.5-150500.77.8.1 * Mesa-libGL1-debuginfo-22.3.5-150500.77.8.1 * Mesa-22.3.5-150500.77.8.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le x86_64) * Mesa-gallium-debuginfo-22.3.5-150500.77.8.1 * Mesa-gallium-22.3.5-150500.77.8.1 * Basesystem Module 15-SP7 (aarch64 ppc64le x86_64) * Mesa-drivers-debugsource-22.3.5-150500.77.8.1 * libvdpau_r300-debuginfo-22.3.5-150500.77.8.1 * libvdpau_r300-22.3.5-150500.77.8.1 ## References: * https://www.suse.com/security/cve/CVE-2026-40393.html * https://bugzilla.suse.com/show_bug.cgi?id=1261998 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 13 16:30:45 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 May 2026 16:30:45 -0000 Subject: SUSE-RU-2026:1832-1: moderate: Recommended update for checkmedia Message-ID: <177868984515.1208.17231302321395300853@e3afc95ed2e8> # Recommended update for checkmedia Announcement ID: SUSE-RU-2026:1832-1 Release Date: 2026-05-12T13:54:26Z Rating: moderate References: * bsc#1260860 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE 
Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for checkmedia fixes the following issues: * Update to version 6.6: * include pre-built documentation (bsc#1260860) * simplify spec file * add support for GPT partitions ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1832=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1832=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1832=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1832=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1832=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1832=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1832=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1832=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1832=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * checkmedia-6.6-150400.3.9.1 * libmediacheck6-6.6-150400.3.9.1 * checkmedia-debuginfo-6.6-150400.3.9.1 * checkmedia-debugsource-6.6-150400.3.9.1 * libmediacheck6-debuginfo-6.6-150400.3.9.1 * libmediacheck-devel-6.6-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * checkmedia-6.6-150400.3.9.1 * 
libmediacheck6-6.6-150400.3.9.1 * checkmedia-debuginfo-6.6-150400.3.9.1 * checkmedia-debugsource-6.6-150400.3.9.1 * libmediacheck6-debuginfo-6.6-150400.3.9.1 * libmediacheck-devel-6.6-150400.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * checkmedia-6.6-150400.3.9.1 * libmediacheck6-6.6-150400.3.9.1 * checkmedia-debuginfo-6.6-150400.3.9.1 * checkmedia-debugsource-6.6-150400.3.9.1 * libmediacheck6-debuginfo-6.6-150400.3.9.1 * libmediacheck-devel-6.6-150400.3.9.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * checkmedia-6.6-150400.3.9.1 * libmediacheck6-6.6-150400.3.9.1 * checkmedia-debuginfo-6.6-150400.3.9.1 * checkmedia-debugsource-6.6-150400.3.9.1 * libmediacheck6-debuginfo-6.6-150400.3.9.1 * libmediacheck-devel-6.6-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * checkmedia-6.6-150400.3.9.1 * libmediacheck6-6.6-150400.3.9.1 * checkmedia-debuginfo-6.6-150400.3.9.1 * checkmedia-debugsource-6.6-150400.3.9.1 * libmediacheck6-debuginfo-6.6-150400.3.9.1 * libmediacheck-devel-6.6-150400.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * checkmedia-6.6-150400.3.9.1 * libmediacheck6-6.6-150400.3.9.1 * checkmedia-debuginfo-6.6-150400.3.9.1 * checkmedia-debugsource-6.6-150400.3.9.1 * libmediacheck6-debuginfo-6.6-150400.3.9.1 * libmediacheck-devel-6.6-150400.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * checkmedia-6.6-150400.3.9.1 * libmediacheck6-6.6-150400.3.9.1 * checkmedia-debuginfo-6.6-150400.3.9.1 * checkmedia-debugsource-6.6-150400.3.9.1 * libmediacheck6-debuginfo-6.6-150400.3.9.1 * libmediacheck-devel-6.6-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * checkmedia-6.6-150400.3.9.1 * libmediacheck6-6.6-150400.3.9.1 * checkmedia-debuginfo-6.6-150400.3.9.1 * checkmedia-debugsource-6.6-150400.3.9.1 * libmediacheck6-debuginfo-6.6-150400.3.9.1 * 
libmediacheck-devel-6.6-150400.3.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * checkmedia-6.6-150400.3.9.1 * libmediacheck6-6.6-150400.3.9.1 * checkmedia-debuginfo-6.6-150400.3.9.1 * checkmedia-debugsource-6.6-150400.3.9.1 * libmediacheck6-debuginfo-6.6-150400.3.9.1 * libmediacheck-devel-6.6-150400.3.9.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1260860 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed May 13 16:30:51 2026 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 May 2026 16:30:51 -0000 Subject: SUSE-RU-2026:1831-1: moderate: Recommended update for rust, rust1.95 Message-ID: <177868985199.1208.16464700113721946438@e3afc95ed2e8> # Recommended update for rust, rust1.95 Announcement ID: SUSE-RU-2026:1831-1 Release Date: 2026-05-12T12:50:49Z Rating: moderate References: * jsc#PED-11411 * jsc#SLE-18626 Affected Products: * Development Tools Module 15-SP7 * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 
15 SP7

An update that contains two features can now be installed.

## Description:

This update for rust, rust1.95 fixes the following issues:

Changes in rust1.95:

  * Add rust1.95
  * Release notes can be found externally: https://github.com/rust-lang/rust/releases/tag/1.95.0

Changes in rust:

  * Update to version 1.95.0 - for details see the rust1.95 package

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * Development Tools Module 15-SP7
    zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-1831=1
  * openSUSE Leap 15.3
    zypper in -t patch SUSE-2026-1831=1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1831=1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1831=1
  * SUSE Linux Enterprise Server 15 SP4 LTSS
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1831=1
  * openSUSE Leap 15.4
    zypper in -t patch SUSE-2026-1831=1
  * openSUSE Leap 15.5
    zypper in -t patch SUSE-2026-1831=1
  * SUSE Linux Enterprise Server 15 SP5 LTSS
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1831=1
  * SUSE Linux Enterprise Server 15 SP6 LTSS
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1831=1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1831=1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1831=1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1831=1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1831=1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
    zypper in -t patch
SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1831=1 ## Package List: * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64) * rust1.95-debuginfo-1.95.0-150300.7.3.1 * cargo-1.95.0-150500.27.68.1 * rust-1.95.0-150500.27.68.1 * cargo1.95-debuginfo-1.95.0-150300.7.3.1 * cargo1.95-1.95.0-150300.7.3.1 * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64 nosrc) * rust1.95-1.95.0-150300.7.3.1 * Development Tools Module 15-SP7 (noarch) * rust1.95-src-1.95.0-150300.7.3.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * rust1.95-debuginfo-1.95.0-150300.7.3.1 * rust-src-1.95.0-150300.21.87.1 * rust-1.95.0-150300.21.87.1 * cargo-1.95.0-150300.21.87.1 * cargo1.95-debuginfo-1.95.0-150300.7.3.1 * cargo1.95-1.95.0-150300.7.3.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586 nosrc) * rust1.95-1.95.0-150300.7.3.1 * openSUSE Leap 15.3 (noarch) * rust1.95-src-1.95.0-150300.7.3.1 * openSUSE Leap 15.3 (nosrc) * rust1.95-test-1.95.0-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * rust1.95-src-1.95.0-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * rust1.95-debuginfo-1.95.0-150300.7.3.1 * cargo-1.95.0-150500.27.68.1 * rust-1.95.0-150500.27.68.1 * cargo1.95-debuginfo-1.95.0-150300.7.3.1 * cargo1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc x86_64) * rust1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * rust1.95-debuginfo-1.95.0-150300.7.3.1 * cargo-1.95.0-150500.27.68.1 * rust-1.95.0-150500.27.68.1 * cargo1.95-debuginfo-1.95.0-150300.7.3.1 * cargo1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc x86_64) * rust1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * rust1.95-src-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x 
x86_64) * rust-1.95.0-150400.24.75.1 * rust1.95-debuginfo-1.95.0-150300.7.3.1 * cargo-1.95.0-150400.24.75.1 * cargo1.95-debuginfo-1.95.0-150300.7.3.1 * cargo1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * rust1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * rust1.95-src-1.95.0-150300.7.3.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rust-src-1.95.0-150400.24.75.1 * rust-1.95.0-150400.24.75.1 * cargo-1.95.0-150400.24.75.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * cargo-1.95.0-150500.27.68.1 * rust-src-1.95.0-150500.27.68.1 * rust-1.95.0-150500.27.68.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * rust1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * rust1.95-debuginfo-1.95.0-150300.7.3.1 * cargo-1.95.0-150500.27.68.1 * rust-1.95.0-150500.27.68.1 * cargo1.95-debuginfo-1.95.0-150300.7.3.1 * cargo1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * rust1.95-src-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * rust1.95-debuginfo-1.95.0-150300.7.3.1 * cargo-1.95.0-150500.27.68.1 * rust-1.95.0-150500.27.68.1 * cargo1.95-debuginfo-1.95.0-150300.7.3.1 * cargo1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * rust1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * rust1.95-src-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * rust-1.95.0-150400.24.75.1 * rust1.95-debuginfo-1.95.0-150300.7.3.1 * cargo-1.95.0-150400.24.75.1 * cargo1.95-debuginfo-1.95.0-150300.7.3.1 * cargo1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * rust1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 
(noarch) * rust1.95-src-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * rust1.95-debuginfo-1.95.0-150300.7.3.1 * cargo-1.95.0-150500.27.68.1 * rust-1.95.0-150500.27.68.1 * cargo1.95-debuginfo-1.95.0-150300.7.3.1 * cargo1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le x86_64) * rust1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * rust1.95-src-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * rust1.95-debuginfo-1.95.0-150300.7.3.1 * cargo-1.95.0-150500.27.68.1 * rust-1.95.0-150500.27.68.1 * cargo1.95-debuginfo-1.95.0-150300.7.3.1 * cargo1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (nosrc ppc64le x86_64) * rust1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * rust1.95-src-1.95.0-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * rust-1.95.0-150400.24.75.1 * rust1.95-debuginfo-1.95.0-150300.7.3.1 * cargo-1.95.0-150400.24.75.1 * cargo1.95-debuginfo-1.95.0-150300.7.3.1 * cargo1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * rust1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * rust1.95-src-1.95.0-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * rust-1.95.0-150400.24.75.1 * rust1.95-debuginfo-1.95.0-150300.7.3.1 * cargo-1.95.0-150400.24.75.1 * cargo1.95-debuginfo-1.95.0-150300.7.3.1 * cargo1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * rust1.95-1.95.0-150300.7.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * rust1.95-src-1.95.0-150300.7.3.1 ## References: * https://jira.suse.com/browse/PED-11411 * 
https://jira.suse.com/browse/SLE-18626

From null at suse.de Wed May 13 16:30:56 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 13 May 2026 16:30:56 -0000
Subject: SUSE-SU-2026:1830-1: important: Security update for MozillaFirefox
Message-ID: <177868985673.1208.9852421074502461087@e3afc95ed2e8>

# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2026:1830-1
Release Date: 2026-05-12T12:00:51Z
Rating: important
References:

  * bsc#1263110
  * bsc#1264378

Cross-References:

  * CVE-2026-7320
  * CVE-2026-7321
  * CVE-2026-7322
  * CVE-2026-7323
  * CVE-2026-8090
  * CVE-2026-8091
  * CVE-2026-8092
  * CVE-2026-8094

CVSS scores:

  * CVE-2026-7320 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2026-7321 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2026-7322 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  * CVE-2026-7323 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  * CVE-2026-8090 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-8090 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
  * CVE-2026-8091 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-8091 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2026-8092 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-8092 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
  * CVE-2026-8094 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2026-8094 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server 12 SP5 LTSS
  * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves eight vulnerabilities can now be installed.
## Description:

This update for MozillaFirefox fixes the following issues

Updated to Firefox Extended Support Release 140.10.2 ESR (bsc#1264378,MFSA 2026-41):

* CVE-2026-8090: Use-after-free in the DOM: Networking component.
* CVE-2026-8092: Memory safety bugs fixed in Firefox ESR 115.35.2, Firefox ESR 140.10.2 and Firefox 150.0.2.
* CVE-2026-8094: Other issue in the WebRTC component.

Updated to Firefox Extended Support Release 140.10.1 ESR (bsc#1263110,MFSA 2026-36):

* CVE-2026-7320: Information disclosure due to incorrect boundary conditions in the Audio/Video component.
* CVE-2026-7321: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component.
* CVE-2026-7322: Memory safety bugs fixed in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1.
* CVE-2026-7323: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1.
* CVE-2026-8091: Incorrect boundary conditions in the Audio/Video: Playback component.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-1830=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1830=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * MozillaFirefox-140.10.2-112.313.1
  * MozillaFirefox-debugsource-140.10.2-112.313.1
  * MozillaFirefox-translations-common-140.10.2-112.313.1
  * MozillaFirefox-debuginfo-140.10.2-112.313.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
  * MozillaFirefox-devel-140.10.2-112.313.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * MozillaFirefox-140.10.2-112.313.1
  * MozillaFirefox-debugsource-140.10.2-112.313.1
  * MozillaFirefox-translations-common-140.10.2-112.313.1
  * MozillaFirefox-debuginfo-140.10.2-112.313.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
  * MozillaFirefox-devel-140.10.2-112.313.1

## References:

* https://www.suse.com/security/cve/CVE-2026-7320.html
* https://www.suse.com/security/cve/CVE-2026-7321.html
* https://www.suse.com/security/cve/CVE-2026-7322.html
* https://www.suse.com/security/cve/CVE-2026-7323.html
* https://www.suse.com/security/cve/CVE-2026-8090.html
* https://www.suse.com/security/cve/CVE-2026-8091.html
* https://www.suse.com/security/cve/CVE-2026-8092.html
* https://www.suse.com/security/cve/CVE-2026-8094.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263110
* https://bugzilla.suse.com/show_bug.cgi?id=1264378
From null at suse.de Wed May 13 16:31:00 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 13 May 2026 16:31:00 -0000
Subject: SUSE-SU-2026:1829-1: important: Security update for MozillaFirefox
Message-ID: <177868986005.1208.9250478659398377811@e3afc95ed2e8>

# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2026:1829-1
Release Date: 2026-05-12T12:00:21Z
Rating: important
References:

* bsc#1263110

Cross-References:

* CVE-2026-7320
* CVE-2026-7321
* CVE-2026-7322
* CVE-2026-7323

CVSS scores:

* CVE-2026-7320 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-7321 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2026-7322 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2026-7323 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected Products:

* Desktop Applications Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves four vulnerabilities can now be installed.

## Description:

This update for MozillaFirefox fixes the following issues

Updated to Firefox Extended Support Release 140.10.1 ESR (bsc#1263110,MFSA 2026-36):

* CVE-2026-7320: Information disclosure due to incorrect boundary conditions in the Audio/Video component.
* CVE-2026-7321: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component.
* CVE-2026-7322: Memory safety bugs fixed in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1.
* CVE-2026-7323: Memory safety bugs fixed in Firefox ESR 140.10.1 and Firefox 150.0.1.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Desktop Applications Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-1829=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1829=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1829=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1829=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1829=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1829=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1829=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1829=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1829=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1829=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1829=1

## Package List:

* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * MozillaFirefox-debugsource-140.10.1-150200.152.234.1
  * MozillaFirefox-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-other-140.10.1-150200.152.234.1
  * MozillaFirefox-debuginfo-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-common-140.10.1-150200.152.234.1
* Desktop Applications Module 15-SP7 (noarch)
  * MozillaFirefox-devel-140.10.1-150200.152.234.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * MozillaFirefox-debugsource-140.10.1-150200.152.234.1
  * MozillaFirefox-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-other-140.10.1-150200.152.234.1
  * MozillaFirefox-debuginfo-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-common-140.10.1-150200.152.234.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * MozillaFirefox-devel-140.10.1-150200.152.234.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * MozillaFirefox-debugsource-140.10.1-150200.152.234.1
  * MozillaFirefox-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-other-140.10.1-150200.152.234.1
  * MozillaFirefox-debuginfo-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-common-140.10.1-150200.152.234.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
  * MozillaFirefox-devel-140.10.1-150200.152.234.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * MozillaFirefox-debugsource-140.10.1-150200.152.234.1
  * MozillaFirefox-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-other-140.10.1-150200.152.234.1
  * MozillaFirefox-debuginfo-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-common-140.10.1-150200.152.234.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
  * MozillaFirefox-devel-140.10.1-150200.152.234.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * MozillaFirefox-debugsource-140.10.1-150200.152.234.1
  * MozillaFirefox-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-other-140.10.1-150200.152.234.1
  * MozillaFirefox-debuginfo-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-common-140.10.1-150200.152.234.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
  * MozillaFirefox-devel-140.10.1-150200.152.234.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * MozillaFirefox-debugsource-140.10.1-150200.152.234.1
  * MozillaFirefox-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-other-140.10.1-150200.152.234.1
  * MozillaFirefox-debuginfo-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-common-140.10.1-150200.152.234.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * MozillaFirefox-devel-140.10.1-150200.152.234.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * MozillaFirefox-debugsource-140.10.1-150200.152.234.1
  * MozillaFirefox-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-other-140.10.1-150200.152.234.1
  * MozillaFirefox-debuginfo-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-common-140.10.1-150200.152.234.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
  * MozillaFirefox-devel-140.10.1-150200.152.234.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * MozillaFirefox-debugsource-140.10.1-150200.152.234.1
  * MozillaFirefox-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-other-140.10.1-150200.152.234.1
  * MozillaFirefox-debuginfo-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-common-140.10.1-150200.152.234.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * MozillaFirefox-devel-140.10.1-150200.152.234.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * MozillaFirefox-debugsource-140.10.1-150200.152.234.1
  * MozillaFirefox-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-other-140.10.1-150200.152.234.1
  * MozillaFirefox-debuginfo-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-common-140.10.1-150200.152.234.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
  * MozillaFirefox-devel-140.10.1-150200.152.234.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * MozillaFirefox-debugsource-140.10.1-150200.152.234.1
  * MozillaFirefox-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-other-140.10.1-150200.152.234.1
  * MozillaFirefox-debuginfo-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-common-140.10.1-150200.152.234.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * MozillaFirefox-devel-140.10.1-150200.152.234.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * MozillaFirefox-debugsource-140.10.1-150200.152.234.1
  * MozillaFirefox-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-other-140.10.1-150200.152.234.1
  * MozillaFirefox-debuginfo-140.10.1-150200.152.234.1
  * MozillaFirefox-translations-common-140.10.1-150200.152.234.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
  * MozillaFirefox-devel-140.10.1-150200.152.234.1

## References:

* https://www.suse.com/security/cve/CVE-2026-7320.html
* https://www.suse.com/security/cve/CVE-2026-7321.html
* https://www.suse.com/security/cve/CVE-2026-7322.html
* https://www.suse.com/security/cve/CVE-2026-7323.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263110
From null at suse.de Wed May 13 16:31:03 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 13 May 2026 16:31:03 -0000
Subject: SUSE-SU-2026:1828-1: important: Security update for dnsmasq
Message-ID: <177868986322.1208.4471752339682343011@e3afc95ed2e8>

# Security update for dnsmasq

Announcement ID: SUSE-SU-2026:1828-1
Release Date: 2026-05-12T09:07:07Z
Rating: important
References:

* bsc#1258251

Cross-References:

* CVE-2026-2291

CVSS scores:

* CVE-2026-2291 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-2291 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves one vulnerability can now be installed.

## Description:

This update for dnsmasq fixes the following issue:

* CVE-2026-2291: VU#471747: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect (bsc#1258251).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1828=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1828=1

## Package List:

* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
  * dnsmasq-debuginfo-2.90-150100.7.34.1
  * dnsmasq-debugsource-2.90-150100.7.34.1
  * dnsmasq-2.90-150100.7.34.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
  * dnsmasq-debuginfo-2.90-150100.7.34.1
  * dnsmasq-debugsource-2.90-150100.7.34.1
  * dnsmasq-2.90-150100.7.34.1

## References:

* https://www.suse.com/security/cve/CVE-2026-2291.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258251
From null at suse.de Wed May 13 16:31:06 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 13 May 2026 16:31:06 -0000
Subject: SUSE-SU-2026:1827-1: important: Security update for dnsmasq
Message-ID: <177868986628.1208.11077870650778329067@e3afc95ed2e8>

# Security update for dnsmasq

Announcement ID: SUSE-SU-2026:1827-1
Release Date: 2026-05-12T09:06:53Z
Rating: important
References:

* bsc#1258251

Cross-References:

* CVE-2026-2291

CVSS scores:

* CVE-2026-2291 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-2291 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for dnsmasq fixes the following issue:

* CVE-2026-2291: VU#471747: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect (bsc#1258251).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2026-1827=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2026-1827=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1827=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1827=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1827=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1827=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2026-1827=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2026-1827=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2026-1827=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2026-1827=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2026-1827=1
* Basesystem Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1827=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1827=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1827=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1827=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1827=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1827=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1827=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * dnsmasq-utils-debuginfo-2.90-150400.16.9.1
  * dnsmasq-utils-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * dnsmasq-utils-debuginfo-2.90-150400.16.9.1
  * dnsmasq-utils-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * dnsmasq-debuginfo-2.90-150400.16.9.1
  * dnsmasq-2.90-150400.16.9.1
  * dnsmasq-debugsource-2.90-150400.16.9.1

## References:

* https://www.suse.com/security/cve/CVE-2026-2291.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258251
From null at suse.de Wed May 13 16:31:09 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 13 May 2026 16:31:09 -0000
Subject: SUSE-SU-2026:1826-1: important: Security update for dnsmasq
Message-ID: <177868986964.1208.483260878445869642@e3afc95ed2e8>

# Security update for dnsmasq

Announcement ID: SUSE-SU-2026:1826-1
Release Date: 2026-05-12T09:04:35Z
Rating: important
References:

* bsc#1258251

Cross-References:

* CVE-2026-2291

CVSS scores:

* CVE-2026-2291 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-2291 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for dnsmasq fixes the following issue:

* CVE-2026-2291: VU#471747: dnsmasq can be abused to record false cached data enabling DoS or attacker redirect (bsc#1258251).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-1826=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-1826=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * dnsmasq-debugsource-2.78-18.24.1
  * dnsmasq-2.78-18.24.1
  * dnsmasq-debuginfo-2.78-18.24.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * dnsmasq-debugsource-2.78-18.24.1
  * dnsmasq-2.78-18.24.1
  * dnsmasq-debuginfo-2.78-18.24.1

## References:

* https://www.suse.com/security/cve/CVE-2026-2291.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258251

From null at suse.de Wed May 13 16:31:12 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 13 May 2026 16:31:12 -0000
Subject: SUSE-SU-2026:1821-1: moderate: Security update for NetworkManager
Message-ID: <177868987273.1208.17489599266713474113@e3afc95ed2e8>

# Security update for NetworkManager

Announcement ID: SUSE-SU-2026:1821-1
Release Date: 2026-05-12T08:00:19Z
Rating: moderate
References:

* bsc#1257359

Cross-References:

* CVE-2025-9615

CVSS scores:

* CVE-2025-9615 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-9615 ( NVD ): 3.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products:

* openSUSE Leap 15.4

An update that solves one vulnerability can now be installed.

## Description:

This update for NetworkManager fixes the following issue:

* CVE-2025-9615: Fixed non-admin user using others' certificates (bsc#1257359).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2026-1821=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * libnm0-debuginfo-1.32.12-150400.3.3.1
  * NetworkManager-1.32.12-150400.3.3.1
  * typelib-1_0-NM-1_0-1.32.12-150400.3.3.1
  * libnm0-1.32.12-150400.3.3.1
  * NetworkManager-debugsource-1.32.12-150400.3.3.1
  * NetworkManager-debuginfo-1.32.12-150400.3.3.1
  * NetworkManager-devel-1.32.12-150400.3.3.1
* openSUSE Leap 15.4 (noarch)
  * NetworkManager-branding-upstream-1.32.12-150400.3.3.1
  * NetworkManager-lang-1.32.12-150400.3.3.1
* openSUSE Leap 15.4 (x86_64)
  * NetworkManager-devel-32bit-1.32.12-150400.3.3.1
  * libnm0-32bit-1.32.12-150400.3.3.1
  * libnm0-32bit-debuginfo-1.32.12-150400.3.3.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * libnm0-64bit-1.32.12-150400.3.3.1
  * libnm0-64bit-debuginfo-1.32.12-150400.3.3.1
  * NetworkManager-devel-64bit-1.32.12-150400.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-9615.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257359
From null at suse.de Wed May 13 16:31:16 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 13 May 2026 16:31:16 -0000
Subject: SUSE-SU-2026:1820-1: important: Security update for python-Mako
Message-ID: <177868987602.1208.1911339479977681698@e3afc95ed2e8>

# Security update for python-Mako

Announcement ID: SUSE-SU-2026:1820-1
Release Date: 2026-05-12T08:00:01Z
Rating: important
References:

* bsc#1262716

Cross-References:

* CVE-2026-41205

CVSS scores:

* CVE-2026-41205 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-41205 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-41205 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-41205 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for python-Mako fixes the following issue:

* CVE-2026-41205: Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal (bsc#1262716).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1820=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1820=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1820=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1820=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1820=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1820=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1820=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1820=1

## Package List:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * python3-Mako-1.0.7-150000.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * python3-Mako-1.0.7-150000.3.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
  * python3-Mako-1.0.7-150000.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
  * python3-Mako-1.0.7-150000.3.6.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * python3-Mako-1.0.7-150000.3.6.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
  * python3-Mako-1.0.7-150000.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * python3-Mako-1.0.7-150000.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
  * python3-Mako-1.0.7-150000.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2026-41205.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262716

From null at suse.de Wed May 13 16:31:19 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 13 May 2026 16:31:19 -0000
Subject: SUSE-SU-2026:1819-1: important: Security update for python-Mako
Message-ID: <177868987914.1208.11102065543014675747@e3afc95ed2e8>

# Security update for python-Mako

Announcement ID: SUSE-SU-2026:1819-1
Release Date: 2026-05-12T07:59:09Z
Rating: important
References:

* bsc#1262716

Cross-References:

* CVE-2026-41205

CVSS scores:

* CVE-2026-41205 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-41205 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-41205 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-41205 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.6
* Python 3 Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for python-Mako fixes the following issue:

* CVE-2026-41205: Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal (bsc#1262716).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2026-1819=1
* Python 3 Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-1819=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1819=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1819=1

## Package List:

* openSUSE Leap 15.6 (noarch)
  * python311-Mako-1.3.0-150600.3.3.1
* Python 3 Module 15-SP7 (noarch)
  * python311-Mako-1.3.0-150600.3.3.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
  * python311-Mako-1.3.0-150600.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
  * python311-Mako-1.3.0-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2026-41205.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262716

From null at suse.de Wed May 13 16:31:30 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 13 May 2026 16:31:30 -0000
Subject: SUSE-SU-2026:1818-1: important: Security update for python39
Message-ID: <177868989061.1208.589906297069589833@e3afc95ed2e8>

# Security update for python39

Announcement ID: SUSE-SU-2026:1818-1
Release Date: 2026-05-12T07:58:54Z
Rating: important
References:

* bsc#1258364
* bsc#1259989
* bsc#1261969
* bsc#1261970
* bsc#1262098
* bsc#1262319
* bsc#1262654

Cross-References:

* CVE-2026-1502
* CVE-2026-3446
* CVE-2026-3479
* CVE-2026-4786
* CVE-2026-6019
* CVE-2026-6100

CVSS scores:

* CVE-2026-1502 ( SUSE ): 5.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-1502 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-1502 ( NVD ): 5.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-3446 ( SUSE ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-3446 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2026-3446 ( NVD ): 6.0 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-3479 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-3479 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-3479 ( NVD ): 0.0 CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4786 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-4786 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
* CVE-2026-4786 ( NVD ): 7.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-6019 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-6019 ( SUSE ): 3.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-6019 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-6100 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-6100 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-6100 ( NVD ): 9.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves six vulnerabilities and has one security fix can now be installed.

## Description:

This update for python39 fixes the following issues:

Security issues fixed:

* CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF (bsc#1261969).
* CVE-2026-3446: base64 decoding stops at first padded quad by default and ignores other information that could be processed (bsc#1261970).
* CVE-2026-3479: improper resource argument validation in `pkgutil.get_data()` can lead to path traversal (bsc#1259989).
* CVE-2026-4786: URLs prefixed with `%action` can pass the dash-prefix safety check and allow for command injection (bsc#1262319).
* CVE-2026-6019: `BaseCookie.js_output()` does not neutralize characters in cookie values embedded in JS (bsc#1262654).
* CVE-2026-6100: use-after-free in `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile` when process is under memory pressure (bsc#1262098).

Other updates and bugfixes:

* Rewrite structure of Python interpreter packages. `python3*` symbols should be now provided by real python3 packages and its subpackages instead of the virtual provides (bsc#1258364).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1818=1
* openSUSE Leap 15.3
  zypper in -t patch SUSE-2026-1818=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1818=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * python39-dbm-3.9.25-150300.4.106.1
  * python39-base-3.9.25-150300.4.106.1
  * python39-3.9.25-150300.4.106.1
  * libpython3_9-1_0-3.9.25-150300.4.106.1
  * python39-curses-3.9.25-150300.4.106.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
  * python39-dbm-3.9.25-150300.4.106.1
  * python39-testsuite-3.9.25-150300.4.106.1
  * python39-base-3.9.25-150300.4.106.1
  * python39-tools-3.9.25-150300.4.106.1
  * python39-curses-debuginfo-3.9.25-150300.4.106.1
  * python39-core-debugsource-3.9.25-150300.4.106.1
  * python39-debuginfo-3.9.25-150300.4.106.1
  * python39-testsuite-debuginfo-3.9.25-150300.4.106.1
  * python39-tk-debuginfo-3.9.25-150300.4.106.1
  * python39-doc-3.9.25-150300.4.106.1
  * python39-debugsource-3.9.25-150300.4.106.1
  * python39-doc-devhelp-3.9.25-150300.4.106.1
  * python39-idle-3.9.25-150300.4.106.1
  * python39-dbm-debuginfo-3.9.25-150300.4.106.1
  * python39-base-debuginfo-3.9.25-150300.4.106.1
  * python39-3.9.25-150300.4.106.1
  * python39-devel-3.9.25-150300.4.106.1
  * libpython3_9-1_0-debuginfo-3.9.25-150300.4.106.1
  * python39-curses-3.9.25-150300.4.106.1
  * libpython3_9-1_0-3.9.25-150300.4.106.1
  * python39-tk-3.9.25-150300.4.106.1
* openSUSE Leap 15.3 (x86_64)
  * libpython3_9-1_0-32bit-3.9.25-150300.4.106.1
  * python39-32bit-debuginfo-3.9.25-150300.4.106.1
  * python39-32bit-3.9.25-150300.4.106.1
  * python39-base-32bit-3.9.25-150300.4.106.1
  * libpython3_9-1_0-32bit-debuginfo-3.9.25-150300.4.106.1
  * python39-base-32bit-debuginfo-3.9.25-150300.4.106.1
* openSUSE Leap 15.3 (aarch64_ilp32)
  * python39-64bit-3.9.25-150300.4.106.1
  * libpython3_9-1_0-64bit-debuginfo-3.9.25-150300.4.106.1
  * libpython3_9-1_0-64bit-3.9.25-150300.4.106.1
  * python39-base-64bit-debuginfo-3.9.25-150300.4.106.1
  * python39-base-64bit-3.9.25-150300.4.106.1
  * python39-64bit-debuginfo-3.9.25-150300.4.106.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * python39-dbm-3.9.25-150300.4.106.1
  * python39-base-3.9.25-150300.4.106.1
  * python39-3.9.25-150300.4.106.1
  * python39-curses-3.9.25-150300.4.106.1
  * libpython3_9-1_0-3.9.25-150300.4.106.1

## References:

* https://www.suse.com/security/cve/CVE-2026-1502.html
* https://www.suse.com/security/cve/CVE-2026-3446.html
* https://www.suse.com/security/cve/CVE-2026-3479.html
* https://www.suse.com/security/cve/CVE-2026-4786.html
* https://www.suse.com/security/cve/CVE-2026-6019.html
* https://www.suse.com/security/cve/CVE-2026-6100.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258364
* https://bugzilla.suse.com/show_bug.cgi?id=1259989
* https://bugzilla.suse.com/show_bug.cgi?id=1261969
* https://bugzilla.suse.com/show_bug.cgi?id=1261970
* https://bugzilla.suse.com/show_bug.cgi?id=1262098
* https://bugzilla.suse.com/show_bug.cgi?id=1262319
* https://bugzilla.suse.com/show_bug.cgi?id=1262654

From null at suse.de Wed May 13 16:31:36 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 13 May 2026 16:31:36 -0000
Subject: SUSE-SU-2026:1817-1: important: Security update for mozjs60
Message-ID: <177868989672.1208.13668804546257934958@e3afc95ed2e8>

# Security update for mozjs60

Announcement ID: SUSE-SU-2026:1817-1
Release Date: 2026-05-12T07:58:34Z
Rating: important
References:

* bsc#1259713
* bsc#1259728
* bsc#1259731

Cross-References:

* CVE-2026-32776
* CVE-2026-32777
* CVE-2026-32778

CVSS scores:

* CVE-2026-32776 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-32776 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-32776 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-32776 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-32777 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-32777 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-32777 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-32777 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-32778 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-32778 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-32778 ( NVD ): 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-32778 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP7
* Desktop Applications Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves three vulnerabilities can now be installed.

## Description:

This update for mozjs60 fixes the following issues:

* CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value (bsc#1259728).
* CVE-2026-32777: libexpat: denial of service due to infinite loop in DTD content parsing (bsc#1259713).
* CVE-2026-32778: libexpat: NULL pointer dereference in `setContext` on retry after an out-of-memory condition (bsc#1259731).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1817=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1817=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2026-1817=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2026-1817=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2026-1817=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2026-1817=1
* Basesystem Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1817=1
* Desktop Applications Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-1817=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1817=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1817=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1817=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1817=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1817=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1817=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1817=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1817=1

## Package List:

* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * mozjs60-devel-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * mozjs60-devel-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * mozjs60-devel-60.9.0-150200.6.11.1
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * mozjs60-devel-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * mozjs60-devel-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * mozjs60-devel-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * mozjs60-devel-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * mozjs60-devel-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * mozjs60-devel-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * mozjs60-devel-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * mozjs60-debuginfo-60.9.0-150200.6.11.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * mozjs60-devel-60.9.0-150200.6.11.1
  * libmozjs-60-60.9.0-150200.6.11.1
  * libmozjs-60-debuginfo-60.9.0-150200.6.11.1
  * mozjs60-debugsource-60.9.0-150200.6.11.1
  * mozjs60-debuginfo-60.9.0-150200.6.11.1

## References:

* https://www.suse.com/security/cve/CVE-2026-32776.html
* https://www.suse.com/security/cve/CVE-2026-32777.html
* https://www.suse.com/security/cve/CVE-2026-32778.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259713
* https://bugzilla.suse.com/show_bug.cgi?id=1259728
* https://bugzilla.suse.com/show_bug.cgi?id=1259731

From null at suse.de Wed May 13 16:31:41 2026
From: null at suse.de (SLE-UPDATES)
Date: Wed, 13 May 2026 16:31:41 -0000
Subject: SUSE-SU-2026:1816-1: moderate: Security update for krb5
Message-ID: <177868990128.1208.1912643591777502430@e3afc95ed2e8>

# Security update for krb5

Announcement ID: SUSE-SU-2026:1816-1
Release Date: 2026-05-12T07:56:38Z
Rating: moderate
References:

* bsc#1263366
* bsc#1263367

Cross-References:

* CVE-2026-40355
* CVE-2026-40356

CVSS scores:

* CVE-2026-40355 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-40355 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-40356 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-40356 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise Micro 5.5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for krb5 fixes the following issues:

* CVE-2026-40355: Denial of Service via NULL pointer dereference in NegoEx mechanism (bsc#1263366).
* CVE-2026-40356: Denial of Service via integer underflow and out-of-bounds read (bsc#1263367).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2026-1816=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2026-1816=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
  * krb5-plugin-preauth-otp-1.20.1-150500.3.20.1
  * krb5-plugin-preauth-spake-1.20.1-150500.3.20.1
  * krb5-mini-devel-1.20.1-150500.3.20.1
  * krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.20.1
  * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.20.1
  * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.20.1
  * krb5-client-debuginfo-1.20.1-150500.3.20.1
  * krb5-mini-debuginfo-1.20.1-150500.3.20.1
  * krb5-devel-1.20.1-150500.3.20.1
  * krb5-mini-debugsource-1.20.1-150500.3.20.1
  * krb5-debugsource-1.20.1-150500.3.20.1
  * krb5-server-debuginfo-1.20.1-150500.3.20.1
  * krb5-client-1.20.1-150500.3.20.1
  * krb5-mini-1.20.1-150500.3.20.1
  * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.20.1
  * krb5-1.20.1-150500.3.20.1
  * krb5-plugin-kdb-ldap-1.20.1-150500.3.20.1
  * krb5-server-1.20.1-150500.3.20.1
  * krb5-plugin-preauth-pkinit-1.20.1-150500.3.20.1
  * krb5-debuginfo-1.20.1-150500.3.20.1
* openSUSE Leap 15.5 (x86_64)
  * krb5-32bit-1.20.1-150500.3.20.1
  * krb5-devel-32bit-1.20.1-150500.3.20.1
  * krb5-32bit-debuginfo-1.20.1-150500.3.20.1
* openSUSE Leap 15.5 (aarch64_ilp32)
  * krb5-64bit-debuginfo-1.20.1-150500.3.20.1
  * krb5-devel-64bit-1.20.1-150500.3.20.1
  * krb5-64bit-1.20.1-150500.3.20.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * krb5-client-1.20.1-150500.3.20.1
  * krb5-1.20.1-150500.3.20.1
  * krb5-debugsource-1.20.1-150500.3.20.1
  * krb5-debuginfo-1.20.1-150500.3.20.1

## References:

* https://www.suse.com/security/cve/CVE-2026-40355.html
* https://www.suse.com/security/cve/CVE-2026-40356.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263366
* https://bugzilla.suse.com/show_bug.cgi?id=1263367